2022 IEEE Conference on Dependable and Secure Computing (DSC): Latest Papers

Discovering Exfiltration Paths Using Reinforcement Learning with Attack Graphs
2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date: 2022-01-28 DOI: 10.1109/DSC54232.2022.9888919
Tyler Cody, Abdul Rahman, Christopher Redino, Lanxiao Huang, Ryan Clark, A. Kakkar, Deepak Kushwaha, Paul Park, P. Beling, E. Bowen
Abstract: Reinforcement learning (RL), in conjunction with attack graphs and cyber terrain, are used to develop reward and state associated with determination of optimal paths for exfiltration of data in enterprise networks. This work builds on previous crown jewels (CJ) identification that focused on the target goal of computing optimal paths that adversaries may traverse toward compromising CJs or hosts within their proximity. This work inverts the previous CJ approach based on the assumption that data has been stolen and now must be quietly exfiltrated from the network. RL is utilized to support the development of a reward function based on the identification of those paths where adversaries desire reduced detection. Results demonstrate promising performance for a sizable network environment.
Citations: 9
Graph Neural Network-based Android Malware Classification with Jumping Knowledge
2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date: 2022-01-19 DOI: 10.1109/DSC54232.2022.9888878
Wai Weng Lo, S. Layeghy, Mohanad Sarhan, Marcus Gallagher, Marius Portmann
Abstract: This paper presents a new Android malware detection method based on Graph Neural Networks (GNNs) with Jumping-Knowledge (JK). Android function call graphs (FCGs) consist of a set of program functions and their inter-procedural calls. Thus, this paper proposes a GNN-based method for Android malware detection by capturing meaningful intra-procedural call path patterns. In addition, a Jumping-Knowledge technique is applied to minimize the effect of the over-smoothing problem, which is common in GNNs. The proposed method has been extensively evaluated using two benchmark datasets. The results demonstrate the superiority of our approach compared to state-of-the-art approaches in terms of key classification metrics, which demonstrates the potential of GNNs in Android malware detection and classification.
Citations: 7
Security Orchestration, Automation, and Response Engine for Deployment of Behavioural Honeypots
2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date: 2022-01-14 DOI: 10.1109/DSC54232.2022.9888808
Upendra Bartwal, Subhasis Mukhopadhyay, R. Negi, S. Shukla
Abstract: Cyber Security is a critical topic for organizations with IT/OT networks as they are always susceptible to attack, whether insider or outsider. Since the cyber landscape is an ever-evolving scenario, one must keep upgrading its security systems to enhance the security of the infrastructure. Tools like Security Information and Event Management (SIEM), Endpoint Detection and Response (EDR), Threat Intelligence Platform (TIP), Information Technology Service Management (ITSM), along with other defensive techniques like Intrusion Detection System (IDS), Intrusion Protection System (IPS), and many others enhance the cyber security posture of the infrastructure. However, the proposed protection mechanisms have their limitations, they are insufficient to ensure security, and the attacker penetrates the network. Deception technology, along with Honeypots, provides a false sense of vulnerability in the target systems to the attackers. The attacker deceived reveals threat intel about their modus operandi. We have developed a Security Orchestration, Automation, and Response (SOAR) Engine that dynamically deploys custom honeypots inside the internal network infrastructure based on the attacker's behavior. The architecture is robust enough to support multiple VLANs connected to the system and used for orchestration. The presence of botnet traffic and DDoS attacks on the honeypots in the network is detected, along with a malware collection system. After being exposed to live traffic for four days, our engine dynamically orchestrated the honeypots 40 times, detected 7823 attacks, 965 DDoS attack packets, and three malicious samples. While our experiments with static honeypots show an average attacker engagement time of 102 seconds per instance, our SOAR Engine-based dynamic honeypots engage attackers on average 3148 seconds.
Citations: 4
A Hybrid Graph Neural Network Approach for Detecting PHP Vulnerabilities
2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date: 2020-12-16 DOI: 10.1109/DSC54232.2022.9888816
Rishi Rabheru, Hazim Hanif, S. Maffeis
Abstract: We validate our approach in the wild by discovering 4 novel vulnerabilities in established WordPress plugins. This paper presents DeepTective, a deep learning-based approach to detect vulnerabilities in PHP source code. Our approach implements a novel hybrid technique that combines Gated Recurrent Units and Graph Convolutional Networks to detect SQLi, XSS and OSCI vulnerabilities leveraging both syntactic and semantic information. We evaluate DeepTective and compare it to the state of the art on an established synthetic dataset and on a novel real-world dataset collected from GitHub. Experimental results show that DeepTective outperformed other solutions, including recent machine learning-based vulnerability detection approaches, on both datasets. The gap is noticeable on the synthetic dataset, where our approach achieves very high classification performance, but grows even wider on the realistic dataset, where most existing tools fail to transfer their detection ability, whereas DeepTective achieves an F1 score of 88.12%.
Citations: 6
Securing Password Authentication for Web-based Applications
2022 IEEE Conference on Dependable and Secure Computing (DSC) Pub Date: 2020-11-12 DOI: 10.1109/DSC54232.2022.9888923
Teik Guan Tan, Pawel Szalachowski, Jianying Zhou
Abstract: There is currently no foolproof mechanism for any website to prevent their users from being directed to fraudulent websites and having their passwords stolen. Phishing attacks continue to plague password-based authentication despite aggressive efforts in detection, takedown, user awareness and training programs. In this paper, we apply a threat analysis on the web password login process, and highlight a design shortcoming in the HTML field which we recommend be deprecated. This weakness can be exploited for phishing and man-in-the-middle (MITM) attacks as the web authentication process is not end-to-end secured from each input password field to the web server. We identify four protocol properties and one browser property that encapsulate the requirements to stop web-based password phishing and MITM attacks, and propose a secure protocol to be used with a new input credential field that complies with the properties. We further analyze the proposed protocol through an abuse-case evaluation and perform a test implementation to understand its data and execution overheads.
Citations: 1