-
MitM Attacks on Intellectual Property and Integrity of Additive Manufacturing Systems: A Security Analysis Comput. Secur. (IF 5.6) Pub Date : 2024-03-12 Hamza Alkofahi, Heba Alawneh, Anthony Skjellum
Additive Manufacturing (AM) was originally invented to reduce the cost of the prototyping process. Over time, the technology evolved to be faster, more accurate, and affordable. These factors, in addition to the potential use of AM in parts production, have helped rapidly drive the growth of AM in both industrial and personal uses. Thus, there is an accompanying demand to understand the cybersecurity
-
GSEDroid: GNN-based android malware detection framework using lightweight semantic embedding Comput. Secur. (IF 5.6) Pub Date : 2024-03-12 Jintao Gu, Hongliang Zhu, Zewei Han, Xiangyu Li, Jianjin Zhao
Currently, the prevalence of Android malware remains substantial. Malicious programs increasingly use advanced obfuscation techniques, posing challenges for security professionals with enhanced disguises, a proliferation of variants, and escalating detection difficulty. Leveraging semantic features presents a promising avenue to address these challenges. Rich semantic information encapsulated within
-
ChatGPT or Bard: Who is a better Certified Ethical Hacker? Comput. Secur. (IF 5.6) Pub Date : 2024-03-09 Raghu Raman, Prasad Calyam, Krishnashree Achuthan
In this study, we compare two leading Generative AI (GAI) tools, ChatGPT and Bard, specifically in Cybersecurity, using a robust set of standardized questions from a validated Certified Ethical Hacking (CEH) dataset. In the rapidly evolving domain of Generative AI (GAI) and large language models (LLM), a comparative analysis of tools becomes essential to measure their performance. We determine the
-
An Anomaly Behavior Characterization Method of Network Traffic Based on Spatial Pyramid Pool (SPP) Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Tao Yi, Xingshu Chen, Qindong Li, Yi Zhu
APT attacks have the characteristics of low frequency, stealth, and persistence. Achieving attack objectives and preventing trace-back often involve diverse tactics, various tools, and changing processes and patterns. Additionally, the goals of APT attacks are diverse. Apart from service disruptions or network outages, the main goals include remotely penetrating target hosts through the network to
-
BopSkyline: Boosting Privacy-Preserving Skyline Query Service in the Cloud Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Weibo Wang, Yifeng Zheng, Songlei Wang, Zhongyun Hua, Lei Xu, Yansong Gao
With the widespread adoption of cloud computing, there has been great popularity of storing and querying databases in the cloud. However, comes with such service outsourcing are critical data privacy concerns, as the cloud providers are generally not in the same trust domain as the data owners/users and could even suffer from data breaches. In this paper, different from most existing works that propose
-
Python Source Code Vulnerability Detection with Named Entity Recognition Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Melanie Ehrenberg, Shahram Sarkani, Thomas A. Mazzuchi
Vulnerabilities within source code have grown over the last 20 years to become a common threat to systems and networks. As the implementation of open-source software continues to develop, more unknown vulnerabilities will exist throughout system networks. This research proposes an enhanced vulnerability detection method specific to Python source code that utilizes pre-trained, BERT-based transformer
-
A Review on Client-Server Attacks and Defenses in Federated Learning Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Anee Sharma, Ningrinla Marchang
Federated Learning (FL) offers decentralized machine learning (ML) capabilities while potentially safeguarding data privacy. However, this architecture introduces unique security challenges. This paper presents a comprehensive survey of these challenges, categorizing attacks based on their targets: client-side training data, local models, FL channel, server-side aggregated parameters, and global models
-
SCFI: Efficient Forward Fine-grained Control Flow Integrity based on Coarse-grained ISA Extensions Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Cairui She, Jinfeng Li, Liwei Chen, Gang Shi
Code reuse attack (CRA) is a severe threat to computer systems. To mitigate this threat, control-flow integrity (CFI) was proposed to restrict control-flow transfers. Processor vendors developed Instruction Set Architecture (ISA) extensions to enforce forward CFI on processors, such as Indirect Branch Tracking (IBT) developed by Intel and Branch Target Identification (BTI) developed by ARM. However
-
Securing SatCom user segment: a study on cybersecurity challenges in view of IRIS2 Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Francesco Casaril, Letterio Galletta
The advancement in communications technologies and recent geopolitical events highlighted the need for fast and reliable satellite communications infrastructure for military and civil security operations. Starting from the case study of the Viasat cyberattack in February 2022, this paper analyzes the common vulnerabilities of the ground and, in particular, user segments in infrastructures, focusing
-
NAISS: A reverse proxy approach to mitigate MageCart's e-skimmers in e-commerce Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Adrian-Cătălin Rus, Mohammed El-Hajj, Dipti Kapoor Sarmah
The rise of payment details theft has led to increasing concerns regarding the security of e-commerce platforms. For the MageCart threat family, the attacks employ e-skimmers, which are pieces of software code that instruct clients to forward payment details to an attacker-controlled server. They can be injected into hosting providers' servers as HTML tags such as , , and . By leveraging image steganography
-
TOMSAC - Methodology for trade-off management between automotive safety and cyber security Comput. Secur. (IF 5.6) Pub Date : 2024-03-07 Giedre Sabaliauskaite, Jeremy Bryans, Hesamaldin Jadidbonab, Farhan Ahmad, Siraj Shaikh, Paul Wooderson
Safety and security interdependencies have been of interest for researchers for several decades. However, in practice, they are not given the necessary consideration yet due to various reasons, such as lack of understanding and reluctance to change current practices. This research is aimed at advancing the state of the art in this area by developing a practical, easy to adapt and to use methodology
-
WF3A: A N-shot website fingerprinting with effective fusion feature attention Comput. Secur. (IF 5.6) Pub Date : 2024-03-04 Zhiquan Wang, Tengyao Li, Meijuan Yin, Xiaoyun Yuan, Xiangyang Luo, Lingling Li
Tor anonymity communication system provides privacy to users while also allowing sensitive users to access illegal websites. Website fingerprinting (WF) attack is a technique employed to identify websites visited by users, serving as a crucial tool for effectively recognizing user access to illegal online content. However, the majority of existing WF methods heavily rely on extensive training data
-
User-empowered secure privacy-preserving authentication scheme for Digital Twin Comput. Secur. (IF 5.6) Pub Date : 2024-03-04 Chintan Patel, Aryan Pasikhani, Prosanta Gope, John Clark
Digital Twin (DT) is a revolutionary technology changing how a smart manufacturing industry carries out its day-to-day activities. DT can provide numerous advantages such as real-time synchronised functioning, monitoring and data analysis. However, security and privacy issues in DT have not been thoroughly investigated. This article proposes a user-empowerment-based privacy-preserving authentication
-
Ethical principles shaping values-based cybersecurity decision-making Comput. Secur. (IF 5.6) Pub Date : 2024-03-02 Joseph Fenech, Deborah Richards, Paul Formosa
The human factor in information systems is a large vulnerability when implementing cybersecurity, and many approaches, including technical and policy driven solutions, seek to mitigate this vulnerability. Decisions to apply technical or policy solutions must consider how an individual's values and moral stance influence their responses to these implementations. Our research aims to evaluate how individuals
-
Examining the inconsistent effect of privacy control on privacy concerns in e-commerce services: The moderating role of privacy experience and risk propensity Comput. Secur. (IF 5.6) Pub Date : 2024-03-02 Shouzheng Tao, Yezheng Liu, Chunhua Sun
Consumer privacy protection has become an important issue and challenge in the development of e-commerce, and consumers' concerns for privacy may lead to negative user experiences and make them more cautious about disclosing personal information. As one of the widely adopted privacy concerns inhibiting approaches, the accumulated information privacy literature indicated that providing privacy controls
-
A Comprehensive Survey on Cyber Deception Techniques to Improve Honeypot Performance Comput. Secur. (IF 5.6) Pub Date : 2024-03-01 Amir Javadpour, Forough Ja'fari, Tarik Taleb, Mohammad Shojafar, Chafika Benzaïd
Honeypot technologies are becoming increasingly popular in cybersecurity as they offer valuable insights into adversary behavior with a low rate of false detections. By diverting the attention of potential attackers and siphoning off their resources, honeypots are a powerful tool for protecting critical assets within a network. However, the cybersecurity landscape constantly evolves, and professional
-
DawnGNN: Documentation augmented windows malware detection using graph neural network Comput. Secur. (IF 5.6) Pub Date : 2024-02-29 Pengbin Feng, Le Gai, Li Yang, Qin Wang, Teng Li, Ning Xi, Jianfeng Ma
Application Program Interface (API) calls are widely used in dynamic Windows malware analysis to characterize the run-time behavior of malware. Researchers have proposed various approaches to mine semantic information from API calls to improve the performance of malware analysis. However, with increasingly sophisticated malware, the exploration of new semantic dimensions for API calls is never-ending
-
Model-agnostic Adversarial Example Detection via High-Frequency Amplification Comput. Secur. (IF 5.6) Pub Date : 2024-02-29 Qiao Li, Jing Chen, Kun He, Zijun Zhang, Ruiying Du, Jisi She, Xinxin Wang
Image classification based on Deep Neural Networks (DNNs) is vulnerable to adversarial examples, which make the classifier output incorrect predictions. One approach to defending against this attack is to detect whether the input is an adversarial example. Unfortunately, existing adversarial example detection methods heavily rely on the underlying classifier and may fail when the classifier is upgraded
-
A multi-type vulnerability detection framework with parallel perspective fusion and hierarchical feature enhancement Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Lingdi Kong, Senlin Luo, Limin Pan, Zhouting Wu, Xinshuai Li
A core problem of vulnerability detection is to detect multi-type vulnerabilities simultaneously by characterizing vulnerabilities of high diversity and complexity in real program source code. Current methods mainly adjust and compromise multiple code representations such as code sequence and code graph based on composite graph. However, sequential features extracted by graph are hardly sufficient
-
Exploring security and trust mechanisms in online social networks: An extensive review Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Gordhan Jethava, Udai Pratap Rao
The rise of Online Social Networks (OSNs) continues to surge in today's modern era. Millions of users are attracted and joined various OSNs and use them to perform various activities. People share a massive amount of personal information on OSNs, which has resulted in OSNs becoming a large pool of sensitive data. As OSNs contain a large amount of users' information, they attract malicious users as
-
RRIoT: Recurrent reinforcement learning for cyber threat detection on IoT devices Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Curtis Rookard, Anahita Khojandi
To address the recent worldwide proliferation of cybersecurity attacks across computing systems, especially internet-of-things devices, new robust and automated methods are needed to detect and mitigate the attacks in real time, ensuring the confidentiality, integrity, and availability of systems. Machine Learning (ML) techniques have shown promise in detecting some types of attacks. However, they
-
Defending novice user privacy: An evaluation of default web browser configurations Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Kristina Radivojevic, Nicholas Clark, Anna Klempay, Paul Brenner
Cyber novices often enter sensitive data into web browsers for routine activities such as online shopping and bill payments, making them targets for malicious entities, including cybercriminals and oppressive governments. The proliferation of online advertising technologies further exacerbates privacy concerns by exploiting user data for marketing or surveillance, frequently without explicit consent
-
Observational equivalence and security games: Enhancing the formal analysis of security protocols Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Liujia Cai, Guangying Cai, Siqi Lu, Guangsong Li, Yongjuan Wang
The formal analysis of security protocols uses abstract language to describe the security protocols, and current protocol descriptions sometimes overlook the security aspects related to cryptographic primitives. In this study, we integrate the security notions of cryptographic primitives with formal methods. Particularly, we use observational equivalence to create security games within the symbolic
-
A task offloading approach based on risk assessment to mitigate edge DDoS attacks Comput. Secur. (IF 5.6) Pub Date : 2024-02-27 Haiou Huang, Bangyi Sun, Liang Hu
Edge computing mitigates the high latency and other issues associated with cloud computing, but it also introduces new risks. One such issue is DDoS attacks on edge servers, which arise when edge tasks are offloaded. There is a dearth of research on countermeasures for these kinds of DDoS attacks. Consequently, we present EDM_TOS, a task offloading strategy. This technique makes sure that tasks are
-
The anatomy of deception: Measuring technical and human factors of a large-scale phishing campaign Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Anargyros Chrysanthou, Yorgos Pantis, Constantinos Patsakis
In an era dominated by digital interactions, phishing campaigns have evolved to exploit not just technological vulnerabilities but also human traits. This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta's users, offering a dual perspective on the technical mechanics and human elements involved. Analysing data from over 25,000 victims worldwide, we highlight
-
can-train-and-test: A curated CAN dataset for automotive intrusion detection Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Brooke Lampe, Weizhi Meng
When it comes to in-vehicle networks (IVNs), the controller area network (CAN) bus dominates the market; automobiles manufactured and sold worldwide depend on the CAN bus for safety-critical communications between various components of the vehicle (e.g., the engine, the transmission, the steering column). Unfortunately, the CAN bus is inherently insecure; in fact, it completely lacks controls such
-
Enforcing security policies on interacting authentication systems Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Francesco Buccafurri, Vincenzo De Angelis, Sara Lazzaro, Andrea Pugliese
Security policies of authentication systems are a crucial factor in mitigating the risk of impersonation, which is often the first stage of advanced persistent threats. Online authentication systems may often interact with each other, due to various mechanisms, such as account recovery or federated authentication. This leads to an implicit extension of the security policies of an authentication system
-
M-RL: A mobility and impersonation-aware IDS for DDoS UDP flooding attacks in IoT-Fog networks Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Saeed Javanmardi, Meysam Ghahramani, Mohammad Shojafar, Mamoun Alazab, Antonio M. Caruso
The Internet of Things (IoT) has recently received a lot of attention from the information and communication technology community. It has turned out to be a crucial development for harnessing the incredible power of wireless media in the real world. The nature of IoT-Fog networks requires the use of defense techniques who are light and mobile-aware. The edge resources in such a distributed environment
-
PeerG: A P2P botnet detection method based on representation learning and graph contrastive learning Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Guangli Wu, Xingyue Wang, Jing Zhang
P2P botnets are distributed with complex topology and communication behavior, making them harder to detect and remove. Individuals or organizations can effectively detect P2P botnets by analyzing abnormal behaviors in network traffic. Existing works focus on extracting deterministic traffic interaction features, which are highly dependent on statistical features. Moreover, these methods are mainly
-
Intrusion detection method based on improved social network search algorithm Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Zhongjun Yang, Qi Wang, Xuejun Zong, Guogang Wang
The network security problem in today's world is becoming more and more prominent, and intrusion detection as a branch in the field of network security has been developed tremendously. At present, back propagation (BP) neural network is widely used in intrusion detection. However, its weights and thresholds are randomly initialized, so that fall into local optimal after training. To solve this problem
-
Contextual feature representation for image-based insider threat classification Comput. Secur. (IF 5.6) Pub Date : 2024-02-21 Shu-Min Duan, Jian-Ting Yuan, Bo Wang
With the rapid development of technology, insider threat incidents frequently occur in organizations. Detecting insider threats is an essential task in network infrastructure security. In this paper, we design an attention module to extract contextual features and augment abnormal features to generate high-quality images representing user behavior. Then, we use pre-trained ResNet and multi-source feature
-
An intelligent multi-layer framework with SHAP integration for botnet detection and classification Comput. Secur. (IF 5.6) Pub Date : 2024-02-21 Swechchha Gupta, Buddha Singh
In increasingly interconnected digital world, the threat of cyber-attacks and data breaches are a pervasive and growing concern. The Botnets are the most dangerous threats that launch a wide range of cyberattacks such as distributed denial of service (DDoS) attacks, sending spam emails, spreading malware, and stealing sensitive information. The identification and categorization of botnets has become
-
MONDEO-Tactics5G: Multistage botnet detection and tactics for 5G/6G networks Comput. Secur. (IF 5.6) Pub Date : 2024-02-21 Bruno Sousa, Duarte Dias, Nuno Antunes, Javier Cámara, Ryan Wagner, Bradley Schmerl, David Garlan, Pedro Fidalgo
Mobile malware is a malicious code specifically designed to target mobile devices to perform multiple types of fraud. The number of attacks reported each day is increasing constantly and is causing an impact not only at the end-user level but also at the network operator level. Malware like FluBot contributes to identity theft and data loss but also enables remote Command & Control (C2) operations
-
Evaluating the Security of CAPTCHAs utilized on Bangladeshi Websites Comput. Secur. (IF 5.6) Pub Date : 2024-02-20 Md. Neyamul Islam Shibbir, Hasibur Rahman, Md Sadek Ferdous, Farida Chowdhury
-
LAAKA: Lightweight Anonymous Authentication and Key Agreement Scheme for Secure Fog-driven IoT Systems Comput. Secur. (IF 5.6) Pub Date : 2024-02-20 Hala Ali, Irfan Ahmed
-
Overcoming the lack of labeled data: Training malware detection models using adversarial domain adaptation Comput. Secur. (IF 5.6) Pub Date : 2024-02-19 Sonam Bhardwaj, Adrian Shuai Li, Mayank Dave, Elisa Bertino
Many current malware detection methods are based on supervised learning techniques, which however have certain limitations. First, these techniques require a large amount of labeled data for training which is often difficult to obtain. Second, they are not very effective when there are differences in domain distribution between new malware and known malware. To address these issues, we propose MD-ADA
-
Testing the dominant mediator in EPPM: An empirical study on household anti-malware software users Comput. Secur. (IF 5.6) Pub Date : 2024-02-17 Yitian Xie, Mikko Siponen, Gabriella Laatikainen, Gregory D. Moody, Xiaosong Zheng
A key research area in information systems security (ISec) is explaining or improving users’ IS security outcomes via the extended parallel process model (EPPM) lens. While the theoretical construct in emotional valence (e.g., fear) and cognitive valence (e.g., perceived efficacy) were deemed as mediators in previous EPPM-related ISec studies, existing research has ignored the value of testing and
-
Malware2ATT&CK: A sophisticated model for mapping malware to ATT&CK techniques Comput. Secur. (IF 5.6) Pub Date : 2024-02-16 Huaqi Sun, Hui Shu, Fei Kang, Yuntian Zhao, Yuyao Huang
MITER Corporation presents the ATT&CK Matrix, which maps malware behavior to different tactics, techniques, and procedures (TTPs) providing a comprehensive view to clarify the inner mechanism of malware more accurately. However, manual mapping methods are time-consuming, while rule-based feature-based mapping methods often under- or misreport many attacks. Inspired by the successful application of
-
Self-Attention conditional generative adversarial network optimised with crayfish optimization algorithm for improving cyber security in cloud computing Comput. Secur. (IF 5.6) Pub Date : 2024-02-15 Sahaya Stalin Jose. G, G. Sugitha, Ayshwarya Lakshmi. S, Preethi Bangalore Chaluvaraj
The decentralized and distributed architecture of cloud computing promotes adoption and growth in various societal domains, including education, government, information technology, business, entertainment. Cloud computing (CC) makes a broad range of information technologies available. Security and privacy are key challenges in storing big data in the cloud. To overcome this challenge, a Self-Attention
-
False Data Injection Attack with Max-Min Optimization in Smart Grid Comput. Secur. (IF 5.6) Pub Date : 2024-02-13 Poornachandratejasvi Laxman Bhattar, Naran M Pindoriya
With the proliferation of information and communication technology (ICT), the smart grid is critically vulnerable to cyber-attacks such as false data injection (FDI), denial-of-service, and data spoofing. The cyber-attackers defunctionalize critical operations of the smart grid by compromising the ICT. The decisions for the critical operation of the smart grid are processed with a state estimator,
-
TS-Mal: Malware detection model using temporal and structural features learning Comput. Secur. (IF 5.6) Pub Date : 2024-02-12 Wanyu Li, Hailiang Tang, Hailin Zhu, Wenxiao Zhang, Chen Liu
The cyber ecosystem is facing severe threats from malware attacks, making it imperative to detect malware to safeguard a purified Internet environment. However, current studies primarily concentrate on examining the time-based correlation between APIs for malware detection while neglecting the contextual associations derived from API categories, resulting in inadequate detection performance. In this
-
Agriculture 4.0 and beyond: Evaluating cyber threat intelligence sources and techniques in smart farming ecosystems Comput. Secur. (IF 5.6) Pub Date : 2024-02-12 Hang Thanh Bui, Hamed Aboutorab, Arash Mahboubi, Yansong Gao, Nazatul Haque Sultan, Aufeef Chauhan, Mohammad Zavid Parvez, Michael Bewong, Rafiqul Islam, Zahid Islam, Seyit A. Camtepe, Praveen Gauravaram, Dineshkumar Singh, M. Ali Babar, Shihao Yan
The digitisation of agriculture, integral to Agriculture 4.0, has brought significant benefits while simultaneously escalating cybersecurity risks. With the rapid adoption of smart farming technologies and infrastructure, the agricultural sector has become an attractive target for cyberattacks. This paper presents a systematic literature review that assesses the applicability of existing cyber threat
-
Machine learning and deep learning for user authentication and authorization in cybersecurity: A state-of-the-art review Comput. Secur. (IF 5.6) Pub Date : 2024-02-12 Zinniya Taffannum Pritee, Mehedi Hasan Anik, Saida Binta Alam, Jamin Rahman Jim, Md Mohsin Kabir, M.F. Mridha
In the continuously developing field of cyber security, user authentication and authorization play a vital role in protecting personal information and digital assets from unauthorized use. As the field of cyber security expands, traditional user authentication and authorization approaches are not enough to prevent unauthorized access to personal information. Therefore, Machine Learning and Deep Learning
-
Development & psychometrics of the SOLID-S – An inventory assessing software security culture in software development companies Comput. Secur. (IF 5.6) Pub Date : 2024-02-12 Christina Glasauer, Linda Maurer, Carina Spreitzer, Rainer W. Alexandrowicz
Software security is a crucial requirement for most of the software used nowadays. Besides specialized knowledge of engineers and developers, organizational culture can contribute to software security to a great extent if specific cultural dimensions are in alignment with security. The purpose of this study is to develop and evaluate the SOLID-S, a six-dimensional inventory assessing this type of software
-
-
WaTrojan: Wavelet domain trigger injection for backdoor attacks Comput. Secur. (IF 5.6) Pub Date : 2024-02-09 Zhenghao Zhang, Jianwei Ding, Qi Zhang, Qiyao Deng
Backdoor attacks have been proven to pose effective threats to deep neural networks in various domains, such as biometrics, authentication, and autonomous driving. Attackers compromise the integrity of the model, causing it to behave normally on benign samples under normal circumstances but perform attacker-specified actions on samples containing specific triggers. However, existing attack methods
-
Few-shot graph classification on cross-site scripting attacks detection Comput. Secur. (IF 5.6) Pub Date : 2024-02-08 Hongyu Pan, Yong Fang, Wenbo Guo, Yijia Xu, Changhui Wang
Cross-site scripting (XSS) payloads are an important part of XSS attacks, which contain malicious code and are injected into Web pages. There have been many research results based on machine learning and deep learning for the detection of XSS attacks. However, the current widely used datasets suffer from a serious data imbalance in the field of XSS attack detection, with a very limited number of samples
-
Adversarial sample attacks and defenses based on LSTM-ED in industrial control systems Comput. Secur. (IF 5.6) Pub Date : 2024-02-08 Yaru Liu, Lijuan Xu, Shumian Yang, Dawei Zhao, Xin Li
The challenge faced by industrial control systems is that they are vulnerable to adversarial sample attacks. In the ICS field, the challenge with adversarial sample attacks is that the adversarial samples generated by the attack do not conform to protocol specifications. The challenge of adversarial sample defense is that it is difficult to design a defense model without information about the adversarial
-
Detecting APT attacks using an attack intent-driven and sequence-based learning approach Comput. Secur. (IF 5.6) Pub Date : 2024-02-08 Hao Yue, Tong Li, Di Wu, Runzi Zhang, Zhen Yang
Advanced persistent threats (APTs) are a significant threat to network security as they can disintegrate the security fortress of enterprises. Recent studies have focused on detecting APT attacks by matching typical tactics, techniques, and procedures (TTPs) associated with APT attacks. However, the lack of positive APT samples affects the performance of existing approaches. To address this challenge
-
LP-BFGS attack: An adversarial attack based on the Hessian with limited pixels Comput. Secur. (IF 5.6) Pub Date : 2024-02-05 Jiebao Zhang, Wenhua Qian, Jinde Cao, Dan Xu
Deep neural networks are vulnerable to adversarial attacks. Most -norm based white-box attacks craft perturbations by the gradient of models to the input. Since the computation cost and memory limitation of the Hessian matrix, the application of Hessian or approximate Hessian in white-box attacks is gradually shelved. In this work, we note that the sparsity requirement on perturbations naturally lends
-
Information security threats and organizational readiness in nWFH scenarios Comput. Secur. (IF 5.6) Pub Date : 2024-02-02 Guruprasad B Jayarao, Sanjog Ray, Prabin Kumar Panigrahi
The COVID-19 pandemic has led to the development of new organizational working models, such as new-work-from-home (nWFH). The new working models were not only primarily implemented in software development organizations using information technology but also in other types of organizations where nWFH was feasible. The sudden transition to work from home (WFH) gave rise to a new concept of nWFH, which
-
Gradient-based defense methods for data leakage in vertical federated learning Comput. Secur. (IF 5.6) Pub Date : 2024-02-01 Wenhan Chang, Tianqing Zhu
Research on federated learning has continued to develop over the past few years. Many federated learning algorithms and frameworks have been developed to ensure model accuracy and protect client data privacy, which has been extensively beneficial for the development of artificial intelligence security technology. However, it is possible to recover private training data from publicly shared gradients
-
Empirical evaluation of a threat modeling language as a cybersecurity assessment tool Comput. Secur. (IF 5.6) Pub Date : 2024-02-01 Sotirios Katsikeas, Engla Rencelj Ling, Pontus Johnsson, Mathias Ekstedt
The complexity of ICT infrastructures is continuously increasing, presenting a formidable challenge in safeguarding them against cyber attacks. In light of escalating cyber threats and limited availability of expert resources, organizations must explore more efficient approaches to assess their resilience and undertake proactive measures. Threat modeling is an effective approach for assessing the cyber
-
Economics of incident response panels in cyber insurance Comput. Secur. (IF 5.6) Pub Date : 2024-02-01 Daniel Arce, Daniel W. Woods, Rainer Böhme
Cyber insurance is becoming a popular cyber risk management tool. Beyond pure financial risk transfer, prior theoretical works anticipated that cyber insurance would influence the mitigation measures employed by policyholders, such as by excluding losses caused by security mismanagement or by offering premium discounts for security controls. Empirical literature has shown cyber insurance is ineffective
-
A Typology of Cybersecurity Behavior among Knowledge Workers Comput. Secur. (IF 5.6) Pub Date : 2024-01-30 Dennik Baltuttis, Timm Teubner, Marc T.P. Adam
While the cybersecurity literature on behavioral factors has expanded, current countermeasures often overlook employee-specific behavioral differences, leading to generic solutions. This study addresses this gap by introducing a typology of knowledge worker cybersecurity behaviors through cluster analysis. Based on online survey data (n=264), we identify six main dimensions of cybersecurity attitude
-
BiTCN-TAEfficientNet malware classification approach based on sequence and RGB fusion Comput. Secur. (IF 5.6) Pub Date : 2024-01-26 Bona Xuan, Jin Li, Yafei Song
This paper proposes a bi-directional temporal convolutional networks transfer learning atrous spatial pyramid pooling EfficientNet (BiTCN-TAEfficientNet) malware classification approach based on multi-feature fusion. This approach utilizes the assembly data and API sequences of malware as features. It enhances the classification accuracy of the algorithm by introducing bi-directional temporal convolutional
-
Shadow backdoor attack: Multi-intensity backdoor attack against federated learning Comput. Secur. (IF 5.6) Pub Date : 2024-01-26 Qixian Ren, Yu Zheng, Chao Yang, Yue Li, Jianfeng Ma
Federated learning systems enable data localization by aggregating model parameters from all parties for global model training, but they also expose new security threats due to their distributed learning approach and multi-party heterogeneous data distribution. Backdoor attacks exploit the inability of federated learning systems to audit client data, and have a huge advantage in injecting backdoor
-
The applicability of a hybrid framework for automated phishing detection Comput. Secur. (IF 5.6) Pub Date : 2024-01-22 R.J. van Geest, G. Cascavilla, J. Hulstijn, N. Zannone
Phishing attacks are a critical and escalating cybersecurity threat in the modern digital landscape. As cybercriminals continually adapt their techniques, automated phishing detection systems have become essential for safeguarding Internet users. However, many current systems rely on single-analysis models, making them vulnerable to sophisticated bypass attempts by hackers. This research delves into
-
Machine learning in identity and access management systems: Survey and deep dive Comput. Secur. (IF 5.6) Pub Date : 2024-01-23 Sara Aboukadri, Aafaf Ouaddah, Abdellatif Mezrioui
The evolution of identity and access management (IAM) has been driven by the expansion of online services, cloud computing, and the Internet of Things (IoT). The proliferation of remote work, mobile applications, and interconnected devices has intensified the demand for robust identity protection and access control. As digital interactions and data sharing become more prevalent across industries, IAM
-
RCVaR: an Economic Approach to Estimate Cyberattacks Costs using Data from Industry Reports Comput. Secur. (IF 5.6) Pub Date : 2024-01-24 Muriel F. Franco, Fabian Künzler, Jan von der Assen, Chao Feng, Burkhard Stiller
Digitization increases business opportunities and the risk of companies being victims of devastating cyberattacks. Therefore, managing risk exposure and cybersecurity strategies is essential for digitized companies that aim to survive in competitive markets. However, understanding company-specific risks and quantifying their associated costs is not trivial. Current approaches fail to approximate the