2023 IEEE International Conference on Cyber Security and Resilience (CSR): Latest Papers

Early Detection of Reconnaissance Attacks on IoT Devices by Analyzing Performance and Traffic Characteristics
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224986
Prathibha Keshavamurthy, Sarvesh Kulkarni
Abstract: Cyber attackers use various techniques to gather information about a target in order to identify the vulnerabilities of the target and plan their attack on the target. The first step in planning an attack is reconnaissance. A simple port scan can reveal a lot of useful information about the target machine. Open source tools like ‘nmap’ can quickly scan and gather significant information about hosts on the Internet and provide a great insight into these systems. One cannot attack a system that is not visible to them. When a target system does not respond to scans by attackers, that can be an effective ‘prevention is better than cure’ approach to defense. When a host is actively scanned for multiple open ports by one or more sources, unusual transformations occur in its CPU utilization, the number of incoming and outgoing packets and their average sizes. The purpose of this work is to identify the reliable anomaly markers and demonstrate how they may be used in detecting and preventing reconnaissance scans extremely quickly. We demonstrate promising results for automated early reconnaissance detection and blocking, with live packet capture and analysis. Our proposed solution requires only modest computational resources and can thus operate on resource-constrained Internet of Things (IoT) devices and other embedded systems.
Citations: 0
Efficient Early Anomaly Detection of Network Security Attacks Using Deep Learning
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224923
Tanwir Ahmad, D. Truscan
Abstract: We present a deep-learning (DL) anomaly-based Intrusion Detection System (IDS) for networked systems, which is able to detect in realtime anomalous network traffic corresponding to security attacks while they are ongoing. Compared to similar approaches, our IDS does not require a fixed number of network packets to analyze in order to make a decision on the type of traffic and it utilizes a more compact neural network which improves its realtime performance. As shown in the experiments using the CICIDS2017 and USTC-TFC-2016 datasets, the approach is able to detect anomalous traffic with high precision and recall. In addition, the approach is able to classify the network traffic by using only a very small portion of the network flows.
Citations: 0
Detecting Subspace Malicious Vectors Attack Against Smart Grid Using Sequence-Alignment Method
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224936
Khaled F. Alotaibi, Rafat Rob, Dana Nour, Doaa Zamzami
Abstract: The energy sector is moving toward the new Digital Substation Architecture which will introduce new opportunities for the smart grid, applications, monitoring and control. Nevertheless, the new advancements come with its own risk, such as the creation of new security attack surfaces. For example, targeting the data integrity of system, the attacker can manipulate the critical operational data using sophisticated algorithms resulting in incorrect operation decision making. This attack method is aimed to create subspace malicious vectors according to the system configuration to be launched as augmented vectors to the actual field data. This attack will impose the operators to take actions based on altered data which will lead to system failure or blackout. The malicious subspaces vectors will impact the state variables of power grid buses and bypass integrity data validation test. This paper used IEEE-9 bus system to demonstrate the methods for generating malicious subspace vectors to be used and alter the data integrity. The corrupted data can be applied to the integrity validation test and assure the operator that the data integrity has been verified successfully. This paper is proposing a practical solution to detect such an attack scenario by comparing sequences of malicious behaviors used in the analysis of attack activity patterns. Therefore, the proposed method is to evaluate behavior method which is employed on IEEE 9-bus system, and the result has demonstrated the effectiveness of using sequence-alignment methods to detect certain behaviors of generating subspace attacking vectors against smart Grid.
Citations: 0
IoT Forensics: Investigating the Mobile App of Dahua Technology
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224982
Evangelos Dragonas, C. Lambrinoudakis, Michael Kotsis
Abstract: Modern smart homes and their habitants are being protected by both CCTV surveillance systems and diverse security devices like motion sensors. Due to their ever-increasing adoption, such appliances may witness incidents occurring to the IoT security systems they form. These complex systems can be configured and monitored by simply using a mobile application. Dahua Technology is a manufacturer of such IoT devices that offers a variety of applications to utilize with its products. Research related to the forensic analysis of these applications is scarce yet this unexplored piece of evidence may hide the answer to a number of investigative questions. In this paper the mobile application of Dahua Technology is thoroughly examined in both Android and iOS operating systems so as to uncover evidentiary data that may reside within. Making use of the findings of this study authors contributed to FOSS in an effort to assist investigators with their examinations.
Citations: 0
Evaluating Machine Learning Approaches for Cyber and Physical Anomalies in SCADA Systems
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224915
L. Faramondi, Francesco Flammini, S. Guarino, R. Setola
Abstract: In recent years, machine learning (ML) techniques have been widely adopted as anomaly-based Intrusion Detection System in order to evaluate cyber and physical attacks against Industrial Control Systems. Nevertheless, a performance comparison of such techniques applied to multiple Cyber-Physical Systems datasets is still missing. In light of this, we propose a comparative study about the performance of four supervised ML-algorithms, Random Forest, k-nearest-Neighbors, Support-Vector-Machine and Naïve-Bayes, applied to three different publicly available datasets from water testbeds. Specifically, we consider three different scenarios where we evaluate: (1) the ability to detect cyber and physical anomalies with respect to the nominal samples, (2) the ability to detect specific types of cyber and physical attacks and (3) the ability to recognize unforeseen attacks without providing any previous knowledge about them. Results show the effectiveness of the ML-techniques in identifying cyber and physical anomalies under some assumptions about their effects on the process dynamics.
Citations: 0
A Multi-Class Intrusion Detection System Based on Continual Learning
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224974
Chrysoula Oikonomou, Ilias Iliopoulos, D. Ioannidis, D. Tzovaras
Abstract: With the proliferation of smart devices, network security has become crucial to protect systems and data. In order to identify and categorise different network threats, this study introduces a flow-based Network Intrusion Detection System (NIDS) based on continual learning with a CNN backbone. Using the LYCOS-IDS2017 dataset, the study explores several continuous learning techniques for identifying threats including denial-of-service and SQL injection. Unlike previous approaches, this work treats intrusion detection as a multi-class classification problem, rather than anomaly detection. The findings show how continuously learning models may identify network intrusions with high recall rates and accuracy while generating few false alarms. This study contributes to the development of an adaptive NIDS that can handle attack classification simultaneously with detection, and that can be trained online without periodic offline training. Additionally, utilising the improved version of the dataset adds value to the research on LYCOS-IDS2017 by presenting results for untested models.
Citations: 0
A Game of Age of Incorrect Information Against an Adversary Injecting False Data
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224952
Valeria Bonagura, S. Panzieri, F. Pascucci, L. Badia
Abstract: Remote sensing enables fast and cost-effective data collection and monitoring, but can be subject to the injection of false data by adversaries. We consider a remote transmitter that is sending status updates about a process to a receiver, incurring a cost when doing so. The system is modeled as transiting between two conditions, implying that the receiver may start with correct knowledge about the process, but this information may become obsolete due to a natural drift of the process toward another regime and the lack of updates by the transmitter. In normal conditions, the transmitter would estimate the age of incorrect information (AoII), a metric proposed in the literature to quantify the time elapsed from the last instant in which the receiver had correct knowledge about the process, to determine the required frequency of updates, balancing it with the transmission cost. We assume the presence of an adversary that may increase the process drift, also incurring its own cost when doing so. The resulting interaction can be analyzed through game theory, with the transmitter and the adversary as strategic players. We present an analysis to determine the conditions for the costs paid by the players and the consequences of their actions on the resulting system performance.
Citations: 0
Verified Value Chains, Innovation and Competition
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224911
A. Weber, S. Guilley, René Rathfelder, Marc Stöttinger, Christoph Lüth, Maja Malenko, Torsten Grawunder, S. Reith, A. Puccetti, Jean-Pierre Seifert, N. Herfurth, Hagen Sankowski, G. Heiser
Abstract: The paper addresses three issues: The first one is vulnerabilities in IT systems, the second is significant market power in hardware production, and the third is sovereignty of nations and manufacturers regarding their IT input. The paper reviews some recent developments towards open verifiable components, such as for open processors, hardware security modules, operating systems, and semiconductor production systems. These developments provide opportunities for new products. Even manufacturers in non-leading countries might be empowered to produce hard-to-attack products. Currently pending IT security regulation will not achieve such a level of security by itself. Open and better verified, ultimately provably secure components will foster more sovereignty. Technical limits and costs of the approaches are discussed. It is concluded that fighting vulnerabilities and providing space for new products and jobs justify further privately and publicly supported research.
Citations: 0
Formal Verification of a V2X Privacy Preserving Scheme Using Proverif
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224908
Simone Bussa, R. Sisto, Fulvio Valenza
Abstract: V2X communications will be an integral part of all vehicles in the future, broadcasting information such as the vehicle's speed and position to all surrounding neighbors. Being sensitive, a compromise of this data may expose the vehicle to cyberattacks. In this paper, we focus on a particular issue, which is the privacy of vehicles and their drivers. Specifically, we consider a scheme that has been proposed in the literature for ensuring privacy in v2x communications, we build a formal model of it and we analyze its security properties through formal verification. Our analysis conducted using Proverif revealed some issues that could impact the privacy and safety of the vehicle. Some of them are well-known in the literature and could be common to other existing schemes; other ones are specific to the modeled protocol.
Citations: 0
Nudge to Promote Employees' Information Security Compliance Behavior: A Field Study
2023 IEEE International Conference on Cyber Security and Resilience (CSR) Pub Date : 2023-07-31 DOI: 10.1109/CSR57506.2023.10224994
M. Inaba, Takeaki Terada
Abstract: This field study performed an experiment to observe practical effects of a nudge on facilitating employees' security compliance in one company's department. We examined if the nudges speeded up the employees' manual implication of applying the security patch to all their devices, which constituted a security compliance behavior in the experimental environment. Each employee was provided with one of three types of nudges informing the state of others: informing about the progress of general employees with a similar number of devices, informing about the progress of one's working team members, and providing information regarding both. As a result, providing information regarding both uniformly accelerated their patching behaviors although providing only team information severely delayed these behaviors. This study indicates the potential of a nudge as a security management intervention and showcases its effective design.
Citations: 0