Proceedings of the Third Central European Cybersecurity Conference: Latest Papers

Approaching the Automation of Cyber Security Testing of Connected Vehicles
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360729
Stefan Marksteiner, Zhendong Ma
Abstract: The advancing digitalization of vehicles and automotive systems bears many advantages for creating and enhancing comfort and safety-related systems ranging from drive-by-wire, inclusion of advanced displays, entertainment systems up to sophisticated driving assistance and autonomous driving. It, however, also contains the inherent risk of being used for purposes that are not intended for, ranging from small non-authorized customizations to the possibility of full-scale cyberattacks that affect several vehicles to whole fleets and vital systems such as steering and engine control. To prevent such conditions and mitigate cybersecurity risks from affecting the safety of road traffic, testing cybersecurity must be adopted into automotive testing at a large scale. Currently, the manual penetration testing processes cannot uphold the increasing demand due to time and cost to test complex systems. We propose an approach for an architecture that (semi-)automates automotive cybersecurity test, allowing for more economic testing and therefore keeping up to the rising demand induced by new vehicle functions as well as the development towards connected and autonomous vehicles.
Citations: 8

SAT Solvers and their Limits with NFSR-based Stream Ciphers: an Example with Grain v1
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360683
A. Schaffhauser
Abstract: Many modern stream ciphers combine linear and nonlinear operations with a certain amount of initial clock steps without producing keystream bits for encryption. As a result of this behaviour, the resulting system of equations gets more and more complex and difficult to solve. Due to the increasing number of monomials, as well as the increasing algebraic degree, the resulting system of equations gets immune to a SAT-based cryptanalysis. A stream cipher realizing this principle is Grain v1. Grain is a stream cipher family, whose first version was submitted as a proposal to the eSTREAM project in the year 2004. Through a key recovery attack in the year 2006, a new revised version was published, referred to as Grain Version 1. Within this paper, we examine the initialization phase of Grain v1 for SAT-based cryptanalysis. In the first step, the paper presents the necessary steps for establishing the Boolean system of equations. The second step describes the formulation of the SAT-Problem and the related possibilities and limitations.
Citations: 1

Towards a delegation-type secure software development method
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360728
Anže Mihelič, T. Hovelja, Simon L. R. Vrhovec
Abstract: Agile methods are becoming increasingly popular and compared to traditional methods offer higher adaptability, quicker response to changing requirements and more efficient customer-developer collaboration throughout the entire software development process. However, they may not be the best way for achieving satisfactory security of the developed software due to their focus on the functional requirements. To address this issue, we developed a novel approach for achieving secure software with agile methods without adding unnecessary complexity or rigidity which is a key drawback of existing approaches eroding the agility. The proposed approach builds on delegation of responsibility for security, generic security user stories, and game of votes.
Citations: 1

How much does a zero-permission Android app know about us?
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360671
Antonios Dimitriadis, George Drosatos, P. Efraimidis
Abstract: Android devices contain a vast amount of personal data of their owners. These data are stored on the device and are protected by the Android permission scheme. Android apps can obtain access to specific data items by requesting the appropriate permissions from the user. However, in Android, the access to certain assets is granted by default to the installed apps. For example, any Android app has the right to get the device's network operator, which may be used to infer information about the user's country and nationality. Similarly, any app has access to the clipboard which may occasionally contain very sensitive information, like a password. Consequently, an honest but curious Android app may leverage the implicit access rights to accumulate such unguarded information pieces and gradually build a detailed profile of the user. The device owner has no immediate way to control this flow of information and, even worse, may not even be aware that this type of personal data flow can take place. In this work, we examine the issue of default access rights of Android apps and discuss the potential threat against user privacy. We assess the user awareness and present a prototype zero-permission app that collects user data.
Citations: 1

Meizodon
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360672
Sebastiaan Alvarez Rodriguez, Erik van der Kouwe
Abstract: Many Android applications are uploaded to app stores every day. A relatively small fraction of these applications, or apps, is malware. Several research teams developed tools which automate malware detection for apps, to keep up with the never-ending stream of uploaded apks (Android PacKages). Every tool seemed better than the last, some even claiming accuracy scores well over 90%. However, all of these designs were tested against test sets containing only self-written apks, synthetic malicious apks, or otherwise statistically unsound samples. Many of these tools are open source. We propose Meizodon, a novel framework to install Android static security analysis tools and run them efficiently in a distributed fashion, in equal environments and against a suitable dataset. This allows us to make a fair and statistically sound comparison of the most recent and best known tools, on real, 'practical' malware: malware created by malware creators, not by researchers, and found in the wild. From the results, we conclude that Android static security analysis tools do show great promise to classify apks in practice, but are not quite there yet. We demonstrate that Meizodon allows us to efficiently test analysis tools, and find that the accuracy of tested analysis tools is low (F1 scores are just over 58%), and analysis fails for many apks. Additionally, we investigate why accuracy is low, and why so many analyses result in errors.
Citations: 2

Case Study: Analysis and Mitigation of a Novel Sandbox-Evasion Technique
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-11-14 DOI: 10.1145/3360664.3360673
Ziya Alper Genç, G. Lenzini, D. Sgandurra
Abstract: Malware is one of the most popular cyber-attack methods in the digital world. According to the independent test company AV-TEST, 350,000 new malware samples are created every day. To analyze all samples by hand to discover whether they are malware does not scale, so antivirus companies automate the process, e.g., using sandboxes where samples can be run, observed, and classified. Malware authors are aware of this fact, and try to evade detection. In this paper we describe one such evasion technique: unprecedented, we discovered it while analyzing a ransomware sample. Analyzed in a Cuckoo Sandbox, the sample was able to avoid triggering malware indicators, thus scoring significantly below the minimum severity level. Here, we discuss what strategy the sample follows to evade the analysis, proposing practical defense methods to nullify, in our turn, the sample's furtive strategy.
Citations: 0

Discussing the Feasibility of Acoustic Sensors for Side Channel-aided Industrial Intrusion Detection: An Essay
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-09-09 DOI: 10.1145/3360664.3360667
S. D. Antón, A. Lohfink, H. Schotten
Abstract: The fourth industrial revolution leads to an increased use of embedded computation and intercommunication in an industrial environment. While reducing cost and effort for set up, operation and maintenance, and increasing the time to operation or market respectively as well as the efficiency, this also increases the attack surface of enterprises. Industrial enterprises have become targets of cyber criminals in the last decade, reasons being espionage but also politically motivated. Infamous attack campaigns as well as easily available malware that hits industry in an unprepared state create a large threat landscape. As industrial systems often operate for many decades and are difficult or impossible to upgrade in terms of security, legacy-compatible industrial security solutions are necessary in order to create a security parameter. One plausible approach in industry is the implementation and employment of side-channel sensors. Combining readily available sensor data from different sources via different channels can provide an enhanced insight about the security state. In this work, a data set of an experimental industrial set up containing side channel sensors is discussed conceptually and insights are derived.
Citations: 3

Security in Process: Detecting Attacks in Industrial Process Data
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 2019-09-09 DOI: 10.1145/3360664.3360669
S. D. Antón, A. Lohfink, C. Garth, H. Schotten
Abstract: Due to the fourth industrial revolution, industrial applications make use of the progress in communication and embedded devices. This allows industrial users to increase efficiency and manageability while reducing cost and effort. Furthermore, the fourth industrial revolution, creating the so-called Industry 4.0, opens a variety of novel use and business cases in the industrial environment. However, this progress comes at the cost of an enlarged attack surface of industrial companies. Operational networks that have previously been physically separated from public networks are now connected in order to make use of new communication capabilities. This motivates the need for industrial intrusion detection solutions that are compatible to the long-term operation machines in industry as well as the heterogeneous and fast-changing networks. In this work, process data is analysed. The data is created and monitored on real-world hardware. After a set up phase, attacks are introduced into the systems that influence the process behaviour. A time series-based anomaly detection approach, the Matrix Profiles, is adapted to the specific needs and applied to the intrusion detection. The results indicate an applicability of these methods to detect attacks in the process behaviour. Furthermore, they are easily integrated into existing process environments. Additionally, one-class classifiers One-Class Support Vector Machines and Isolation Forest are applied to the data without a notion of timing. While Matrix Profiles perform well in terms of creating and visualising results, the one-class classifiers perform poorly.
Citations: 11

Proceedings of the Third Central European Cybersecurity Conference
Proceedings of the Third Central European Cybersecurity Conference Pub Date: 1900-01-01 DOI: 10.1145/3360664
Citations: 0