{"title":"A New Fast and Side-Channel Resistant AES Hardware Architecture","authors":"Marco Macchetti, Hervé Pelletier, C. Groux","doi":"10.1109/CSR57506.2023.10224984","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224984","url":null,"abstract":"In this paper we present a novel architecture for a high-speed AES crypto core which is resistant against first-order side channel attacks; our design combines Boolean masking techniques, logic obfuscation applied to a composite-fields Sbox implementation, and interleaved computations. This approach reaches a remarkable trade-off between size, performance and need for randomness, showing to be competitive against designs based on threshold approaches and automated masking. We conduct simulation-based and FPGA-based security evaluations, which are shown to corroborate our security objectives.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130556502","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"New Version, New Answer: Investigating Cybersecurity Static-Analysis Tool Findings","authors":"A. Reinhold, Travis Weber, Colleen Lemak, Derek Reimanis, C. Izurieta","doi":"10.1109/CSR57506.2023.10224930","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224930","url":null,"abstract":"Automated detection of vulnerabilities and weaknesses in binary code is a critical need at the frontier of cybersecurity research. Cybersecurity static-analysis tools aim to detect and enumerate vulnerabilities and weaknesses. Two popular tools are CVE Binary Tool (cve-bin-tool) and cwe-checker. Cve-bin-tool reports vulnerabilities using Common Vulnerabilities and Exposures (CVE) whereas cwe-checker reports weaknesses using Common Weakness Enumeration (CWE). Despite widespread use, the consistency with which these tools report vulnerabilities and weaknesses (herein, “findings”) was unaddressed. We conducted a systematic investigation of 660 unique binaries taken from a Kali Linux distribution, evaluated each binary with multiple versions of the static-analysis tools, and investigated how the findings changed according to the version of the static-analysis tool used. We expected some variation in findings commensurate with the software-development life cycle. However, the number and magnitude of the changes in findings reported across versions were substantial. New versions gave new answers.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"6 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123823342","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"ML and Network Traces to M.A.R.S","authors":"Waldemar Cruz, L. Michel, Benjamin Drozdenko, S. Roodbeen","doi":"10.1109/CSR57506.2023.10224950","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224950","url":null,"abstract":"MARS is a Microservice Architecture Recovery Solution that uses Machine Learning and lightweight Network Traces to recover the architecture of applications in order to deploy network security policies and protect the organization against complex threats that may exploit several vulnerabilities to breach an application and either exfiltrate sensitive data or carry out denial of service attacks. The adoption of such security policies is often hindered by the lack of suitable documentation. This paper describes a novel methodology that uses machine learning on captured network traces to recover application architectures.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"2 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121060581","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Threat intelligence using Digital Twin honeypots in Cybersecurity","authors":"Maria Nintsiou, Elisavet Grigoriou, P. Karypidis, Theocharis Saoulidis, Eleftherios Fountoukidis, P. Sarigiannidis","doi":"10.1109/CSR57506.2023.10224997","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224997","url":null,"abstract":"Digital Twins have been deployed for multiple purposes in Cybersecurity. Cyber-Physical Systems and similar systems benefit from teaming with this technology. The goal of protecting the main systems or devices is easily reached as Digital Twins are known for their success and flexibility in multitasking and can provide adaptability to any device they clone. Honeypots are excellent filtering and protection cyber tools capable of investigating and logging malicious activity around a network or device. This cyber tool mimics any network device or system and lures the attacker into a protected surveillance environment. It is not yet given the freedom, though, to act independently other than managing a few tasks and necessitates human intervention to change tactics or configuration. The framework proposed in this paper combines these two technologies, Digital Twins and honeypot, to fill this gap. The DiTwinIHon framework makes the physical honeypot easily adaptable in any network situation while enhancing its Threat Intelligence and providing additional features for detecting and investigating various threats, such as Advanced Persistent Threats.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"145 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123361481","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Hunting IoT Cyberattacks With AI - Powered Intrusion Detection","authors":"Sevasti Grigoriadou, Panagiotis I. Radoglou-Grammatikis, P. Sarigiannidis, Ioannis Makris, T. Lagkas, V. Argyriou, A. Lytos, Eleftherios Fountoukidis","doi":"10.1109/CSR57506.2023.10224981","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224981","url":null,"abstract":"The rapid progression of the Internet of Things allows the seamless integration of cyber and physical environments, thus creating an overall hyper-connected ecosystem. It is evident that this new reality provides several capabilities and benefits, such as real-time decision-making and increased efficiency and productivity. However, it also raises crucial cybersecurity issues that can lead to disastrous consequences due to the vulnerable nature of the Internet model and the new cyber risks originating from the multiple and heterogeneous technologies involved in the IoT. Therefore, intrusion detection and prevention are valuable and necessary mechanisms in the arsenal of the IoT security. In light of the aforementioned remarks, in this paper, we introduce an Artificial Intelligence (AI)-powered Intrusion Detection and Prevention System (IDPS) that can detect and mitigate potential IoT cyberattacks. For the detection process, Deep Neural Networks (DNNs) are used, while Software Defined Networking (SDN) and Q-Learning are combined for the mitigation procedure. The evaluation analysis demonstrates the detection efficiency of the proposed IDPS, while Q-Learning converges successfully in terms of selecting the appropriate mitigation action.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"85 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131740961","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Blockchain-Based Trustworthy O2O Interaction in the Next 6G Ecosystem","authors":"E. Bellini, E. Damiani, S. Marrone","doi":"10.1109/CSR57506.2023.10224977","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224977","url":null,"abstract":"In traditional mobile networks, trust between subscribers and their serving networks is based on a hardware root-of-trust: the SIM. Trust between service and home networks, when different, was based on Trusted Third Parties (TTPs), called Clearing Houses (CHs), which guarantee the trustworthiness of the evidence about service use. The 6G scenario will see the number of subscribers boosted by mass deployment of Internet-of-Everything as well as the improvement of the network performance. At the same time, the performance required to the TTP to manage 6G operator-to-operator (O2O) trustworthy interactions must be aligned to the 6G ecosystem requirements as well. However, supporting scalability in 6G O2O trust is still considered an open challenge. The aim of this paper is to tackle this challenge by presenting a blockchain-based approach for CHs, able to support O2O trustworthy interactions in the 6G scenario. Both home and roaming use cases are considered.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"70 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115348429","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Explaining Binary Obfuscation","authors":"C. Greco, M. Ianni, A. Guzzo, G. Fortino","doi":"10.1109/CSR57506.2023.10224825","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224825","url":null,"abstract":"Binary obfuscation is a very broad set of techniques widely employed in the context of code protection from piracy. However, it is also used for malicious goals, e.g. virus writers often employ obfuscation in order to evade signature-based antivirus detection. Thus, the ability to detect if an executable has been obfuscated is of paramount importance, as it allows to thwart the execution of potentially malicious code. The task of detection, however, is not easy, since many different obfuscating transformations exist and the alteration of an original code is not always easily detectable. In this paper, we want to shed light on the blurry task of obfuscation detection. We will look at this task through the brand new lenses of explainable artificial intelligence (XAI), in order to finally sharpen the obscure landscape of obfuscated software. Thanks to XAI we will be able to identify the relevant features altered by the transforming obfuscation as well as the invariant ones, that can be used for obfuscation-resistant malware signatures. We show our findings thanks to an evaluation with a dataset of obfuscated and non-obfuscated binaries, explaining the important features that lead to the detection of obfuscating transformations.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"123307931","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Trustworthiness-Related Risks in Autonomous Cyber-Physical Production Systems - A Survey","authors":"Maryam Zahid, Alessio Bucaioni, Francesco Flammini","doi":"10.1109/CSR57506.2023.10224955","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224955","url":null,"abstract":"The production industry is looking for new solutions to improve the reliability, safety and efficiency of traditional processes. Current developments in artificial intelligence and machine learning have enabled a high level of autonomy in smart-manufacturing and production systems within Industry 4.0, thus paving the way towards fully Autonomous Cyber-Physical Production Systems (ACPPS). Although ACPPS can have many advantages, there still remains a concern regarding how much we can trust those systems, due to limited predictability, transparency, and explainability, as well as emerging vulnerabilities related to machine learning systems. In this paper, we present the findings of a study conducted on the possible risks related to the trustworthiness of ACPPS, and the consequences they have on the system and its environment.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"104 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"129424502","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Optimizing AI for Mobile Malware Detection by Self-Built-Dataset GAN Oversampling and LGBM","authors":"Ortal Dayan, L. Wolf, Fang Wang, Yaniv Harel","doi":"10.1109/CSR57506.2023.10224927","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224927","url":null,"abstract":"The cyber detection industry focuses on analyzing the behavior of threats in order to develop IOCs and triggers. This process makes the detection always behind the attackers, as there is an analysis time between the attack tool launch and the detection ability. To address the challenges, a dedicated Sandbox environment was built, and thousands of mobile devices' samples were tested, resulting in the creation of an up-to-date training dataset that is not based on the attacks analysis. With this dataset, the research focus was directed towards optimizing the AI methodology to achieve the best detection rates for a compromised mobile device. A CupolaGAN was implemented to oversample the dataset and to compare results obtained from training LGBM models on both the original imbalanced dataset and the oversampled dataset. Classification scores on the oversampled data increase by maximum of 0.47+/-0.37%. The performance of the fine-tuned model using Optuna on the balanced data reaches 99.36+/-0.19% accuracy.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"34 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128829458","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"How to secure the IoT-based surveillance systems in an ELEGANT way","authors":"Aleksandra Pawlicka, Damian Puchalski, M. Pawlicki, R. Kozik, R. Choras","doi":"10.1109/CSR57506.2023.10224938","DOIUrl":"https://doi.org/10.1109/CSR57506.2023.10224938","url":null,"abstract":"With the emergence and development of the Internet of Things, every interconnected device, from tiny smart home appliances to cars, critical infrastructures and mass surveillance systems, has contributed to enhancing and improving people's lives. Yet, this comes at a cost - IoT's vulnerabilities, which make it susceptible to cyberattacks, put people's assets and wellbeing at serious risk. One of the ways of securing IoT consists in developing specialized Intrusion Detection Systems. This paper proposes such a solution. This artificial-intelligence-powered tool has been employed in a video surveillance-related use-case as part of the ELEGANT project and has already shown promise in effective detection of network attacks targeted at the IoT devices.","PeriodicalId":354918,"journal":{"name":"2023 IEEE International Conference on Cyber Security and Resilience (CSR)","volume":"21 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2023-07-31","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127511753","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}