Current journal: Cybersecurity
  • Conceptualisation of Cyberattack prediction with deep learning
    Cybersecurity Pub Date : 2020-06-17
    Ayei E. Ibor, Florence A. Oladeji, Olusoji B. Okunoye, Obeten O. Ekabua

    The state of the cyberspace portends uncertainty for the future Internet and its accelerated number of users. New paradigms add more concerns with big data collected through device sensors divulging large amounts of information, which can be used for targeted attacks. Though a plethora of extant approaches, models and algorithms have provided the basis for cyberattack predictions, there is the need

  • Cyber risk at the edge: current and future trends on cyber risk analytics and artificial intelligence in the industrial internet of things and industry 4.0 supply chains
    Cybersecurity Pub Date : 2020-06-02
    Petar Radanliev, David De Roure, Kevin Page, Jason R. C. Nurse, Rafael Mantilla Montalvo, Omar Santos, La’Treall Maddox, Pete Burnap

    Digital technologies have changed the way supply chain operations are structured. In this article, we conduct systematic syntheses of literature on the impact of new technologies on supply chains and the related cyber risks. A taxonomic/cladistic approach is used for the evaluations of progress in the area of supply chain integration in the Industrial Internet of Things and Industry 4.0, with a specific

  • Server-aided immediate and robust user revocation mechanism for SM9
    Cybersecurity Pub Date : 2020-05-13
    Shuzhou Sun, Hui Ma, Rui Zhang, Wenhan Xu

    As the only approved Identity-Based Encryption scheme in China that is also standardized by ISO, SM9-IBE has been widely adopted in many real-world applications. However, similar to other IBE standard algorithms, SM9-IBE currently lacks revocation mechanism, which is vital for a real system. Worse still, we find that existing revocable techniques may not be suitable and efficient when applying to SM9-IBE

  • Iso-UniK: lightweight multi-process unikernel through memory protection keys
    Cybersecurity Pub Date : 2020-05-07
    Guanyu Li, Dong Du, Yubin Xia

    Unikernel, specializing a minimalistic libOS with an application, is an attractive design for cloud computing. However, the Achilles’ heel of unikernel is the lack of multi-process support, which makes it less flexible and applicable. Many applications rely on the process abstraction to isolate different components. For example, Apache with the multi-processing module isolates a request handler in

  • Review and insight on the behavioral aspects of cybersecurity
    Cybersecurity Pub Date : 2020-04-21
    Rachid Ait Maalem Lahcen, Bruce Caulkins, Ram Mohapatra, Manish Kumar

    Stories of cyber attacks are becoming a routine in which cyber attackers show new levels of intention by sophisticated attacks on networks. Unfortunately, cybercriminals have figured out profitable business models and they take advantage of the online anonymity. A serious situation that needs to improve for networks’ defenders. Therefore, a paradigm shift is essential to the effectiveness of current

  • Layered obfuscation: a taxonomy of software obfuscation techniques for layered security
    Cybersecurity Pub Date : 2020-04-03
    Hui Xu, Yangfan Zhou, Jiang Ming, Michael Lyu

    Software obfuscation has been developed for over 30 years. A problem always confusing the communities is what security strength the technique can achieve. Nowadays, this problem becomes even harder as the software economy becomes more diversified. Inspired by the classic idea of layered security for risk management, we propose layered obfuscation as a promising way to realize reliable software obfuscation

  • Under false flag: using technical artifacts for cyber attack attribution
    Cybersecurity Pub Date : 2020-03-20
    Florian Skopik, Timea Pahi

    The attribution of cyber attacks is often neglected. The consensus still is that little can be done to prosecute the perpetrators – and unfortunately, this might be right in many cases. What is however only of limited interest for the private industry is in the center of interest for nation states. Investigating if an attack was carried out in the name of a nation state is a crucial task for secret

  • Predicting individuals’ vulnerability to social engineering in social networks
    Cybersecurity Pub Date : 2020-03-05
    Samar Muslah Albladi, George R. S. Weir

    The popularity of social networking sites has attracted billions of users to engage and share their information on these networks. The vast amount of circulating data and information expose these networks to several security risks. Social engineering is one of the most common types of threat that may face social network users. Training and increasing users’ awareness of such threats is essential for

  • A DGA domain names detection modeling method based on integrating an attention mechanism and deep neural network
    Cybersecurity Pub Date : 2020-02-28
    Fangli Ren, Zhengwei Jiang, Xuren Wang, Jian Liu

    Command and control (C2) servers are used by attackers to operate communications. To perform attacks, attackers usually employ the Domain Generation Algorithm (DGA), with which to confirm rendezvous points to their C2 servers by generating various network locations. The detection of DGA domain names is one of the important technologies for command and control communication detection. Considering

  • Efficient electro-magnetic analysis of a GPU bitsliced AES implementation
    Cybersecurity Pub Date : 2020-02-19
    Yiwen Gao, Yongbin Zhou, Wei Cheng

    The advent of CUDA-enabled GPU makes it possible to provide cloud applications with high-performance data security services. Unfortunately, recent studies have shown that GPU-based applications are also susceptible to side-channel attacks. These published work studied the side-channel vulnerabilities of GPU-based AES implementations by taking the advantage of the cache sharing among multiple threads

  • Malware Guard Extension: abusing Intel SGX to conceal cache attacks
    Cybersecurity Pub Date : 2020-01-19
    Michael Schwarz, Samuel Weiser, Daniel Gruss, Clémentine Maurice, Stefan Mangard

    In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial that the hypervisor isolates tenants from other tenants that are co-located on the same physical machine. However, the hypervisor does not protect tenants against the cloud provider and thus, the supplied operating system and hardware. Intel

  • An emerging threat Fileless malware: a survey and research challenges
    Cybersecurity Pub Date : 2020-01-14
    Sudhakar, Sushil Kumar

    With the evolution of cybersecurity countermeasures, the threat landscape has also evolved, especially in malware from traditional file-based malware to sophisticated and multifarious fileless malware. Fileless malware does not use traditional executables to carry-out its activities. So, it does not use the file system, thereby evading signature-based detection system. The fileless malware attack is

  • Correction to: Human-as-a-security-sensor for harvesting threat intelligence
    Cybersecurity Pub Date : 2019-11-26
    Manfred Vielberth, Florian Menges, Günther Pernul

    In the original publication of this article (Vielberth et al. 2019), the author list was not completed.

  • Human-as-a-security-sensor for harvesting threat intelligence
    Cybersecurity Pub Date : 2019-10-22
    Manfred Vielberth, Florian Menges, Günther Pernul

    Humans are commonly seen as the weakest link in corporate information security. This led to a lot of effort being put into security training and awareness campaigns, which resulted in employees being less likely the target of successful attacks. Existing approaches, however, do not tap the full potential that can be gained through these campaigns. On the one hand, human perception offers an additional

  • Predicate encryption against master-key tampering attacks
    Cybersecurity Pub Date : 2019-08-27
    Yuejun Liu, Rui Zhang, Yongbin Zhou

    Many real world attacks often target the implementation of a cryptographic scheme, rather than the algorithm itself, and a system designer has to consider new models that can capture these attacks. For example, if the key can be tampered by physical attacks on the device, the security of the scheme becomes totally unclear. In this work, we investigate predicate encryption (PE), a powerful encryption

  • An efficient full dynamic group signature scheme over ring
    Cybersecurity Pub Date : 2019-07-17
    Yiru Sun, Yanyan Liu, Bo Wu

    The group signature scheme is an important primitive in cryptography, it allows members in a group to generate signatures anonymously on behalf of the whole group. In view of the practical application of such schemes, it is necessary to allow users’ registration and revocation when necessary, which makes the construction of dynamic group signature schemes become a significant direction. On the basis

  • Survey of intrusion detection systems: techniques, datasets and challenges
    Cybersecurity Pub Date : 2019-07-17
    Ansam Khraisat, Iqbal Gondal, Peter Vamplew, Joarder Kamruzzaman

    Cyber-attacks are becoming more sophisticated and thereby presenting increasing challenges in accurately detecting intrusions. Failure to prevent the intrusions could degrade the credibility of security services, e.g. data confidentiality, integrity, and availability. Numerous intrusion detection methods have been proposed in the literature to tackle computer security threats, which can be broadly

  • On the use of Max-SAT and PDDL in RBAC maintenance
    Cybersecurity Pub Date : 2019-07-01
    Marco Benedetti, Marco Mori

    Role-Based Access Control (RBAC) policies are at the core of Cybersecurity as they ease the enforcement of basic security principles, e.g., Least Privilege and Separation of Duties. As ICT systems and business processes evolve, RBAC policies have to be updated to prevent unauthorised access to resources by capturing errors and misalignments between the current policy and reality. However, such update

  • (Identity-based) dual receiver encryption from lattice-based programmable hash functions with high min-entropy
    Cybersecurity Pub Date : 2019-06-13
    Yanyan Liu, Daode Zhang, Yi Deng, Bao Li

    Dual receiver encryption (DRE) is an important cryptographic primitive introduced by Diament et al. at CCS’04, which allows two independent receivers to decrypt a same ciphertext to obtain the same plaintext. This primitive is quite useful in designing combined public key cryptosystems and denial of service attack-resilient protocols. In this paper, we obtain some results as follows. Using weak lattice-based

  • Memory access integrity: detecting fine-grained memory access errors in binary code
    Cybersecurity Pub Date : 2019-06-07
    Wenjie Li, Dongpeng Xu, Wei Wu, Xiaorui Gong, Xiaobo Xiang, Yan Wang, Fangming Gu, Qianxiang Zeng

    As one of the most notorious programming errors, memory access errors still hurt modern software security. Particularly, they are hidden deeply in important software systems written in memory unsafe languages like C/C++. Plenty of work have been proposed to detect bugs leading to memory access errors. However, all existing works lack the ability to handle two challenges. First, they are not able to

  • One-way information reconciliation schemes of quantum key distribution
    Cybersecurity Pub Date : 2019-05-22
    Li Yang, Hua Dong, Zhao Li

    With the rapid improvement of quantum computing technology, quantum key distribution (QKD) is a hot technology. Information reconciliation is a key step of QKD which is useful for correcting key error. Classical message interaction is necessary in a practical information reconciliation scheme, which makes the efficiency of these protocols decreased. Therefore, some one-way information reconciliation

  • ASSERT: attack synthesis and separation with entropy redistribution towards predictive cyber defense
    Cybersecurity Pub Date : 2019-05-14
    Ahmet Okutan, Shanchieh Jay Yang

    The sophistication of cyberattacks penetrating into enterprise networks has called for predictive defense beyond intrusion detection, where different attack strategies can be analyzed and used to anticipate next malicious actions, especially the unusual ones. Unfortunately, traditional predictive analytics or machine learning techniques that require training data of known attack strategies are not

  • Creeper: a tool for detecting permission creep in file system access controls
    Cybersecurity Pub Date : 2019-04-15
    Simon Parkinson, Saad Khan, James Bray, Daiyaan Shreef

    Access control mechanisms are widely used in multi-user IT systems where it is necessary to restrict access to computing resources. This is certainly true of file systems whereby information needs to be protected against unintended access. User permissions often evolve over time, and changes are often made in an ad hoc manner and do not follow any rigorous process. This is largely due to the fact that

  • Towards IP geolocation with intermediate routers based on topology discovery
    Cybersecurity Pub Date : 2019-04-11
    Zhihao Wang, Hong Li, Qiang Li, Wei Li, Hongsong Zhu, Limin Sun

    IP geolocation determines geographical location by the IP address of Internet hosts. IP geolocation is widely used by target advertising, online fraud detection, cyber-attacks attribution and so on. It has gained much more attentions in these years since more and more physical devices are connected to cyberspace. Most geolocation methods cannot resolve the geolocation accuracy for those devices with

  • From proof-of-concept to exploitable
    Cybersecurity Pub Date : 2019-03-29
    Yan Wang; Wei Wu; Chao Zhang; Xinyu Xing; Xiaorui Gong; Wei Zou

    Exploitability assessment of vulnerabilities is important for both defenders and attackers. The ultimate way to assess the exploitability is crafting a working exploit. However, it usually takes tremendous hours and significant manual efforts. To address this issue, automated techniques can be adopted. Existing solutions usually explore in depth the crashing paths, i.e., paths taken by proof-of-concept

  • Adversarial attack and defense in reinforcement learning-from AI security view
    Cybersecurity Pub Date : 2019-03-29
    Tong Chen; Jiqiang Liu; Yingxiao Xiang; Wenjia Niu; Endong Tong; Zhen Han

    Reinforcement learning is a core technology for modern artificial intelligence, and it has become a workhorse for AI applications ranging from Atari Game to Connected and Automated Vehicle System (CAV). Therefore, a reliable RL system is the foundation for the security critical applications in AI, which has attracted a concern that is more critical than ever. However, recent studies discover that the

  • Group topic-author model for efficient discovery of latent social astroturfing groups in tourism domain
    Cybersecurity Pub Date : 2019-03-25
    Noora Alallaq; Muhmmad Al-khiza’ay; Xin Han

    Astroturfing is a phenomenon in which sponsors of fake messages or reviews are masked because their intentions are not genuine. Astroturfing reviews are intentionally made to influence people to take decisions in favour of or against a target service or product or organization. The tourism sector being one of the sectors that is flourishing and witnessing unprecedented growth is affected by the activities

  • PathMarker: protecting web contents against inside crawlers
    Cybersecurity Pub Date : 2019-02-20
    Shengye Wan; Yue Li; Kun Sun

    Web crawlers have been misused for several malicious purposes such as downloading server data without permission from the website administrator. Moreover, armoured crawlers are evolving against new anti-crawler mechanisms in the arm races between crawler developers and crawler defenders. In this paper, based on one observation that normal users and malicious crawlers have different short-term and long-term

  • Comprehensive evaluation of key management hierarchies for outsourced data
    Cybersecurity Pub Date : 2019-02-19
    Naveen Kumar; Anish Mathuria

    Key management is an essential component of a cryptographic access control system with a large number of resources. It manages the secret keys assigned to the system entities in such a way that only authorized users can access a resource. Read access control allows read access of a resource by the authorized users and disallows others. An important objective of a key management is to reduce the secret

  • Privacy-preserving decision tree for epistasis detection
    Cybersecurity Pub Date : 2019-02-18
    Qingfeng Chen; Xu Zhang; Ruchang Zhang

    The interaction between gene loci, namely epistasis, is a widespread biological genetic phenomenon. In genome-wide association studies (GWAS), epistasis detection of complex diseases is a major challenge. Although many approaches using statistics, machine learning, and information entropy were proposed for epistasis detection, the privacy preserving for single nucleotide polymorphism (SNP) data has been

  • A framework for the extended evaluation of ABAC policies
    Cybersecurity Pub Date : 2019-02-08
    Charles Morisset; Tim A. C. Willemse; Nicola Zannone

    A main challenge of attribute-based access control (ABAC) is the handling of missing information. Several studies have shown that the way standard ABAC mechanisms, e.g. based on XACML, handle missing information is flawed, making ABAC policies vulnerable to attribute-hiding attacks. Recent work has addressed the problem of missing information in ABAC by introducing the notion of extended evaluation

  • The privacy protection mechanism of Hyperledger Fabric and its application in supply chain finance
    Cybersecurity Pub Date : 2019-01-30
    Chaoqun Ma; Xiaolin Kong; Qiujun Lan; Zhongding Zhou

    Blockchain technology ensures that data is tamper-proof, traceable, and trustworthy. This article introduces a well-known blockchain technology implementation—Hyperledger Fabric. The basic framework and privacy protection mechanisms of Hyperledger Fabric such as certificate authority, channel, Private Data Collection, etc. are described. As an example, a specific business scenario of supply chain finance

  • Graph-based visual analytics for cyber threat intelligence
    Cybersecurity Pub Date : 2018-12-28
    Fabian Böhm; Florian Menges; Günther Pernul

    The ever-increasing amount of major security incidents has led to an emerging interest in cooperative approaches to encounter cyber threats. To enable cooperation in detecting and preventing attacks it is an inevitable necessity to have structured and standardized formats to describe an incident. Corresponding formats are complex and of an extensive nature as they are often designed for automated processing

  • Forecasting cyberattacks with incomplete, imbalanced, and insignificant data
    Cybersecurity Pub Date : 2018-12-18
    Ahmet Okutan; Gordon Werner; Shanchieh Jay Yang; Katie McConky

    Having the ability to forecast cyberattacks before they happen will unquestionably change the landscape of cyber warfare and cyber crime. This work predicts specific types of attacks on a potential victim network before the actual malicious actions take place. The challenge to forecasting cyberattacks is to extract relevant and reliable signals to treat sporadic and seemingly random acts of adversaries

  • Cloud repository as a malicious service: challenge, identification and implication
    Cybersecurity Pub Date : 2018-10-11
    Xiaojing Liao; Sumayah Alrwais; Kan Yuan; Luyi Xing; XiaoFeng Wang; Shuang Hao; Raheem Beyah

    The popularity of cloud hosting services also brings in new security challenges: it has been reported that these services are increasingly utilized by miscreants for their malicious online activities. Mitigating this emerging threat, posed by such “bad repositories” (simply Bar), is challenging due to the different hosting strategy to traditional hosting service, the lack of direct observations of

  • Automated identification of sensitive data from implicit user specification
    Cybersecurity Pub Date : 2018-09-29
    Ziqi Yang; Zhenkai Liang

    The sensitivity of information is dependent on the context of application and user preference. Protecting sensitive data in the cloud era requires identifying them in the first place. It typically needs intensive manual efforts. More importantly, users may specify sensitive information only through an implicit manner. Existing research efforts on identifying sensitive data from its descriptive texts

  • Concurrent non-malleable zero-knowledge and simultaneous resettable non-malleable zero-knowledge in constant rounds
    Cybersecurity Pub Date : 2018-09-29
    Zhenbin Yan; Yi Deng; Yiru Sun

    Concurrent non-malleable zero-knowledge (CNMZK) considers the concurrent execution of zero-knowledge protocols in a setting even when adversaries can simultaneously corrupt multiple provers and verifiers. As far as we know, the round complexity of all the constructions of CNMZK arguments for NP is at least ω(logn). In this paper, we provide the first construction of a constant-round concurrent non-malleable

  • CCA1 secure FHE from PIO, revisited
    Cybersecurity Pub Date : 2018-09-25
    Biao Wang; Xueqing Wang; Rui Xue

    Fully data using only public information. So far, most FHE schemes are CPA secure. In PKC 2017, Canetti et al. extended the generic transformation of Boneh, Canetti, Halevi and Katz to turn any multi-key identity-based FHE scheme into a CCA1-secure FHE scheme. Their main construction of multi-key identity-based FHE is from probabilistic indistinguishability obfuscation (PIO) and statistical trapdoor

  • Sensitive system calls based packed malware variants detection using principal component initialized MultiLayers neural networks
    Cybersecurity Pub Date : 2018-09-10
    Jixin Zhang; Kehuan Zhang; Zheng Qin; Hui Yin; Qixin Wu

    Malware detection has become mission sensitive as its threats spread from computer systems to Internet of things systems. Modern malware variants are generally equipped with sophisticated packers, which allow them bypass modern machine learning based detection systems. To detect packed malware variants, unpacking techniques and dynamic malware analysis are the two choices. However, unpacking techniques

  • A survey of practical adversarial example attacks
    Cybersecurity Pub Date : 2018-09-06
    Lu Sun; Mingtian Tan; Zhe Zhou

    Adversarial examples revealed the weakness of machine learning techniques in terms of robustness, which moreover inspired adversaries to make use of the weakness to attack systems employing machine learning. Existing researches covered the methodologies of adversarial example generation, the root reason of the existence of adversarial examples, and some defense schemes. However practical attack against

  • Detecting telecommunication fraud by understanding the contents of a call
    Cybersecurity Pub Date : 2018-08-31
    Qianqian Zhao; Kai Chen; Tongxin Li; Yi Yang; XiaoFeng Wang

    Telecommunication fraud has continuously been causing severe financial loss to telecommunication customers in China for several years. Traditional approaches to detect telecommunication frauds usually rely on constructing a blacklist of fraud telephone numbers. However, attackers can simply evade such detection by changing their numbers, which is very easy to achieve through VoIP (Voice over IP). To

  • Making a good thing better: enhancing password/PIN-based user authentication with smartwatch
    Cybersecurity Pub Date : 2018-08-20
    Bing Chang; Yingjiu Li; Qiongxiao Wang; Wen-Tao Zhu; Robert H. Deng

    Wearing smartwatches becomes increasingly popular in people’s lives. This paper shows that a smartwatch can help its bearer authenticate to a login system effectively and securely even if the bearer’s password has already been revealed. This idea is motivated by our observation that a sensor-rich smartwatch is capable of tracking the wrist motions of its bearer typing a password or PIN, which can be

  • Fuzzing: a survey
    Cybersecurity Pub Date : 2018-06-05
    Jun Li; Bodong Zhao; Chao Zhang

    Security vulnerability is one of the root causes of cyber-security threats. To discover vulnerabilities and fix them in advance, researchers have proposed several techniques, among which fuzzing is the most widely used one. In recent years, fuzzing solutions, like AFL, have made great improvements in vulnerability discovery. This paper presents a summary of the recent advances, analyzes how they improve

  • Feedback control can make data structure layout randomization more cost-effective under zero-day attacks
    Cybersecurity Pub Date : 2018-06-05
    Ping Chen; Zhisheng Hu; Jun Xu; Minghui Zhu; Peng Liu

    In the wake of the research community gaining deep understanding about control-hijacking attacks, data-oriented attacks have emerged. Among data-oriented attacks, data structure manipulation attack (DSMA) is a major category. Pioneering research was conducted and shows that DSMA is able to circumvent the most effective defenses against control-hijacking attacks — DEP, ASLR and CFI. Up to this day,

  • Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey
    Cybersecurity Pub Date : 2018-06-05
    Qionglu Zhang; Shijie Jia; Bing Chang; Bo Chen

    Ensuring confidentiality of sensitive data is of paramount importance, since data leakage may not only endanger data owners’ privacy, but also ruin reputation of businesses as well as violate various regulations like HIPAA and Sarbanes-Oxley Act. To provide confidentiality guarantee, the data should be protected when they are preserved in the personal computing devices (i.e., confidentiality during

  • Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes
    Cybersecurity Pub Date : 2018-06-05
    Chen Tian; Yazhe Wang; Peng Liu; Qihui Zhou; Chengyi Zhang

    Third-party IME (Input Method Editor) apps are often the preference means of interaction for Android users’ input. In this paper, we first discuss the insecurity of IME apps, including the Potentially Harmful Apps (PHAs) and malicious IME apps, which may leak users’ sensitive keystrokes. The current defense system, such as I-BOX, is vulnerable to the prefix substitution attack and the colluding attack

  • Security-first architecture: deploying physically isolated active security processors for safeguarding the future of computing
    Cybersecurity Pub Date : 2018-06-05
    Dan Meng; Rui Hou; Gang Shi; Bibo Tu; Aimin Yu; Ziyuan Zhu; Xiaoqi Jia; Peng Liu

    It is fundamentally challenging to build a secure system atop the current computer architecture. The complexity in software, hardware and ASIC manufacture has reached beyond the capability of existing verification methodologies. Without whole-system verification, current systems have no proven security. It is observed that current systems are exposed to a variety of attacks due to the existence of

  • DroidEcho: an in-depth dissection of malicious behaviors in Android applications
    Cybersecurity Pub Date : 2018-06-05
    Guozhu Meng; Ruitao Feng; Guangdong Bai; Kai Chen; Yang Liu

    A precise representation for attacks can benefit the detection of malware in both accuracy and efficiency. However, it is still far from expectation to describe attacks precisely on the Android platform. In addition, new features on Android, such as communication mechanisms, introduce new challenges and difficulties for attack detection. In this paper, we propose abstract attack models to precisely

Contents have been reproduced by permission of the publishers.