发布求助
文献互助 智能选刊 最新文献

2020 International Conference on Software Security and Assurance (ICSSA)最新文献

筛选
英文 中文
Why Compliance is needed for Internet of Things? 为什么物联网需要遵从性?
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00019
Syed Rizvi, Shakir Campbell, K. Alden
{"title":"Why Compliance is needed for Internet of Things?","authors":"Syed Rizvi, Shakir Campbell, K. Alden","doi":"10.1109/ICSSA51305.2020.00019","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00019","url":null,"abstract":"The Internet of Things (IoT) is a relatively new concept that has been coined and is now commonly used in the field of Information Technology (IT). This concept is defined as many things, but the simplest way to describe IoT is as the culmination of all of the new devices, systems, applications, technology, etc. that are connected and can transmit data without the need of a human or computer. This developing industry is expected to have billions of devices interconnected in the next few years. This growth is happening in all branches of traditional IT. Different divisions of IT, such as the financial division or medical division of IT, are already moving to the IoT. While this technological advancement is conceptually astounding, just like anything new in the world of IT, there arise many questions about the security of, or lack thereof, IoT. The main purpose of this paper is not to come up with a solution to the lack of security compliance of IoT but identify that the lack of compliance laws for IoT is a problem and that traditional IT compliance laws do not work for the IoT unless modified. Instead, new compliance standards should be established to cover the subject of IoT.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"168 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114206498","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Distributed Unit Security for 5G Base-Stations using Blockchain 使用区块链的5G基站的分布式单元安全性
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00010
William B. Crowe, T. Oh
{"title":"Distributed Unit Security for 5G Base-Stations using Blockchain","authors":"William B. Crowe, T. Oh","doi":"10.1109/ICSSA51305.2020.00010","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00010","url":null,"abstract":"5G in the United States has been rapidly growing this past year as the New Radio (NR) standards have been finalized. The top three US cellular carriers cover most major cities in 2019, and the plans are to cover most of the nation by the close of 2020. Field testing shows that 5G is meeting the promise of gigabit speeds and single digit latency over millimeter wave. 5G Security is ever so more critical with the expectation of massive IoT, M2M, VANET, and High-Speed Fixed Wireless. More devices will rely on commercially available wireless internet, it should be expected that 5G Security will be thoroughly tested by unscrupulous individuals. To enhance security, this paper will cover utilizing Blockchain for identity management of the next generation NodeB (gNB) for the user equipment (UE) would make Rogue Cellsite, man-in-the-middle-attacks, or Stingray much harder to perform. This would prevent the UE from blindly connecting to any gNB it sees and sharing sensitive information because of the connection requested from an untrusted source. While there are other potential security flaws in 5G, implementing Blockchain in a commercial network would enhance attach and handover security for all devices that use 5G.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"185 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"133716877","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Security Analysis of SOHO Wi-Fi routers SOHO Wi-Fi路由器的安全性分析
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00020
Sandeep Romana, Jyostna Grandhi, P. R. L. Eswari
{"title":"Security Analysis of SOHO Wi-Fi routers","authors":"Sandeep Romana, Jyostna Grandhi, P. R. L. Eswari","doi":"10.1109/ICSSA51305.2020.00020","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00020","url":null,"abstract":"Wi-Fi-enabled Small Office/Home Office (SOHO) routers have become ubiquitous for having internet access in many network environments. With the advent of the ‘Internet of Things’ (IoT) and smart devices, almost all household devices are connected to the internet via these Wi-Fi-enabled SOHO routers. There have been numerous reports of security issues in SOHO routers because of known vulnerabilities. Except for enterprise networks, these devices acting as gateways are rarely safeguarded properly. The reasons for neglecting the security of these devices are many. Reports suggest that users often deploy these devices with insecure default configurations, leaving them as easy prey in the hands of malice users. Due to the easy exploitability, these devices have become attackers' paradise. The security analysis of these devices is often overlooked and challenging to undertake because of various versions of custom Linux based firmware and bootloaders they use. The security analysis of these devices holds strategic importance as they act as a gateway to almost every household having access to the internet. In this paper, we list the software and hardware interfaces of SOHO routers which are important for security analysis. We present a network environment for carrying out the security analysis of these devices. An iterative approach using static & dynamic analysis is described. Further, the static & dynamic analysis is augmented with symbolic analysis. To validate the described procedures, we present the case study of performing security analysis on a Netis WF2411 router.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"51 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114055345","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Document Representations to Improve Topic Modelling 改进主题建模的文档表示
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.2139/ssrn.3733546
P. V. Poojitha, R. Menon
{"title":"Document Representations to Improve Topic Modelling","authors":"P. V. Poojitha, R. Menon","doi":"10.2139/ssrn.3733546","DOIUrl":"https://doi.org/10.2139/ssrn.3733546","url":null,"abstract":"Each and every day we are collecting lots of information from web applications. So it is difficult to understand or detect what the whole information is all about. To detect, understand and summarise the whole information we need some specific tools and techniques like topic modelling which helps to analyze and identify the crisp of the data. This paper implements the sparsity based document representation to improve Topic Modeling, it organizes the data with meaningful structure by using machine learning algorithms like LDA(Latent Dirichlet Allocation) and OMP(Orthogonal Matching Pursuit) algorithms. It identifies a documents belongs to which topic as well as similarity between documents in an existing dictionary. The OMP(Orthogonal Matching Pursuit) algorithm is the best algorithm for sparse approximation With better accuracy. OMP(Orthogonal Matching Pursuit) algorithm can identify the topics to which the input document[Y] is mostly related to across a large collection of text documents present in a dictionary.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"29 10","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114126784","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Comparison of various interpolation techniques to infer localization of audio files using ENF signals 使用ENF信号推断音频文件定位的各种插值技术的比较
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00015
Hye-Seung Han, KangHoon Lee, Y. Jeon, Ji-Won Yoon
{"title":"Comparison of various interpolation techniques to infer localization of audio files using ENF signals","authors":"Hye-Seung Han, KangHoon Lee, Y. Jeon, Ji-Won Yoon","doi":"10.1109/ICSSA51305.2020.00015","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00015","url":null,"abstract":"Electrical Network Frequency (ENF) is a frequency of the electrical power signal of the power grid that plays a key role in the level of security. There is a difference in the values on the supply and demand on power usage. Due to its distinctive value, the ENF data hold great importance in the field of security. Examining the ENF signal makes it possible to trace the location where the ENF signal was generated. By making the most use of certain interpolation techniques, we can estimate the ENF value of a specific location and evaluate the estimated performance. Interpolating the ENF signals on the target location can increase the accuracy of the estimate for the unacquainted ENF signals. In this paper, we interpolated the ENF values of the power grid of the United States by using three different methods: IDW, Ordinary Kriging, and Universal Kriging. Then we evaluated the RMSE calculated by varying the hyper-parameters and models of interpolation methods. As a result, it was found that applying the Ordinary Kriging in the Western grid had the lowest RMSE. For the Eastern power grid, it was the IDW with λ=−1 which showed the lowest RMSE. We concluded that each power grid had different characteristics. Therefore different interpolation techniques should be applied to each case for precise approximation.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"126770705","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Assessing the sovereignty and security of the Austrian internet 评估奥地利互联网的主权和安全
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00011
Florian Plainer, Klaus Kieseberg, Peter Kieseberg
{"title":"Assessing the sovereignty and security of the Austrian internet","authors":"Florian Plainer, Klaus Kieseberg, Peter Kieseberg","doi":"10.1109/ICSSA51305.2020.00011","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00011","url":null,"abstract":"With many people depending on the internet in their daily work lives, the question on dependencies of these services arises. This is especially true when considering services provided by critical (IT) infrastructure or linked to governmental bodies. In this work, we provide a methodology and subsequent analysis results regarding the security and nature of dependencies of important Austrian sites on other nations and (potentially vulnerable) resources. Furthermore, we added a specific sub set to the analysis, focusing on governmental sites due to their increasing importance. The results of this analysis helps with the identification of critical resources outside the original services scope, especially considering the inclusion of services from outside the European Union and/or from unknown/unofficial sites. Furthermore, we also analyse the usage of security headers and the adoption of HTTPS, allowing an estimation of the state of security of vital services.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"134 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"116340085","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Copyright 版权
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/icssa51305.2020.00003
{"title":"Copyright","authors":"","doi":"10.1109/icssa51305.2020.00003","DOIUrl":"https://doi.org/10.1109/icssa51305.2020.00003","url":null,"abstract":"","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"5 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130596095","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts 使用自适应共振AI概念进行异常检测以保护网络免受高级持续威胁
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00018
Syed Rizvi, T. Flock, Travis Flock, Iyonna Williams
{"title":"Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts","authors":"Syed Rizvi, T. Flock, Travis Flock, Iyonna Williams","doi":"10.1109/ICSSA51305.2020.00018","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00018","url":null,"abstract":"In this paper, we will improve the Advanced Persistent Threats (APT) attack detection rate accuracy by using an artificial intelligence based anomalous intrusion detection that will be based on unsupervised learning techniques. This system will be mainly network-based with a thin layer running on the host device. We plan to mainly use an unsupervised artificial intelligence technique that utilizes Adaptive Resonance theory that will be paired with a signature-based system that will filter anomalous data and significantly improve detection rates and decrease false positive rates compared to typical anomalous intrusion detection system (IDS). If proven here, this system could be applied to future IDS and can significantly increase overall network security for an organization.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131494745","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Medical Blockchains and Privacy in Austria - Technical and Legal Aspects 奥地利的医疗区块链和隐私-技术和法律方面
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00009
Andreas Kolan, S. Tjoa, Peter Kieseberg
{"title":"Medical Blockchains and Privacy in Austria - Technical and Legal Aspects","authors":"Andreas Kolan, S. Tjoa, Peter Kieseberg","doi":"10.1109/ICSSA51305.2020.00009","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00009","url":null,"abstract":"The utilization of blockchains in the medical domain has been discussed for quite some time, with multiple academic projects targeting various application domains in this field. Still, many countries feature underlying laws and regulations that make this utilization hard to impossible, especially when considering the sensitive nature of medical records. In this work we analyze the specific situation in Austria and analyse the two major regulations that need to be taken into account, the EU-wide GDPR and the Austria-specific ELGA, with respect to blockchain applications in the medical sector in Austria. Furthermore, we outline several additional key issues that need to be taken into consideration, as well as the problem of the most prominent solution, linking to external storage from the blockchain.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"188 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"134029730","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A Study on Reflecting User Experience for Sensor-based Android IoT Services 基于传感器的Android物联网服务用户体验反映研究
2020 International Conference on Software Security and Assurance (ICSSA) Pub Date : 2020-10-01 DOI: 10.1109/ICSSA51305.2020.00021
Bo-Min Kim, J. Ahn, Hyung-Jong Kim
{"title":"A Study on Reflecting User Experience for Sensor-based Android IoT Services","authors":"Bo-Min Kim, J. Ahn, Hyung-Jong Kim","doi":"10.1109/ICSSA51305.2020.00021","DOIUrl":"https://doi.org/10.1109/ICSSA51305.2020.00021","url":null,"abstract":"Smartphones are equipped with various sensors for apps with mobility services. However, the operating systems of smartphones do not provide proper authorization scheme for accessing the sensors data. In this work, we propose new scheme for limiting the access to the sensors of Android smartphones. Especially, we made use of the user preference and experience for supporting the decision of the new user of apps which are making use of the built-in sensors in Android smartphone.","PeriodicalId":346706,"journal":{"name":"2020 International Conference on Software Security and Assurance (ICSSA)","volume":"30 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2020-10-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125504120","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信