The increasing use of smart metering infrastructure invites security threats through trusted insiders in spite of the devices’ authentication phase. Trusted insiders equipped with high privilege are also become vulnerable to being attacked. In the presence of these malicious or compromised insiders, it becomes difficult to achieve an efficient, transparent, reliable, and cost-effective smart grid.

Security is a top concern in digital infrastructure and there is a basic need to assess the level of security ensured for any given application. To accommodate this requirement, we propose a new risk assessment system. Our system identifies threats of an application workflow, computes the severity weights with the modified Microsoft STRIDE/DREAD model and estimates the final risk exposure after applying

When dealing with cloud services, there are important security requirements that are highly recommended to be achieved, notably, access control. Cloud services have provided several mechanisms based on traditional solutions for access management. All have ultimately failed as forgery-proof methods. Reality is a word replete with unauthorized access breaches. Therefore, the need for new grounds for

5G-based mobile ad hoc networks with cloud are a new paradigm that combines several real-world applications. Routing and security are current issues in MANETs. Security is highly important in MANET and cloud environments for preventing harmful attacks. Therefore, a trusted environment is required for a MANET with cloud-based 5G communications. In this paper, we propose a new framework called trust-aware

Machine learning techniques have been widely used and shown remarkable performance in various fields. Along with the widespread utilization of machine learning, concerns about privacy violations have been raised. Recently, as privacy invasion attacks on machine learning models have been reported, research on privacy-preserving machine learning has been conducted. In particular, in the field of differential

IoT devices are slowly turning out to be an essential part of our everyday lives. These devices perform one operation, and they specialize in doing so. When communicating with these devices, we need to set up a secured key preventing unauthorized communications. We have been using the plug-and-play model for electronic devices for decades. These IoT devices fall into the same realm. The plug–pair–play

Side-channels are unintended pathways within target systems that leak internal information, exploitable via side-channel attack techniques that extract the target information, compromising the system’s security and privacy. Side-channel attacks are well established within the cybersecurity domain, and thus their cyber-physical systems are actively defended with countermeasures. Non-cyber systems are

Password guessers are instrumental for assessing the strength of passwords. Despite their diversity and abundance, comparisons between password guessers are limited to simple success rates. Thus, little is known on how password guessers can best be combined with or complement each other. To extend analyses beyond success rates, we devise an analytical framework to compare the types of passwords that

In recent years, the design of effective authorization mechanisms for IoT and, in particular, for smart home applications has gained increasing attention from researchers and practitioners. However, very little attention is given to the performance evaluation of those authorization mechanisms. To fill this gap, this paper presents a thorough experimental evaluation of cloud- and edge-based access control

At present, garbled circuits play a vital role in secure multi-party computations. Originating from the garbling scheme of Yao, there is much work on how to hide these types of Boolean gates. At the same time, the universal circuit becomes the primary tool for hiding circuit topologies, which are also part of the private information on circuits. However, this technique is limited to the asymptotically

As a result of technology advancement, the impact of threats against computer operating systems has increased significantly. The category of malicious remote administration tools is particularly interesting because of their effectiveness and the fact that they combine multiple techniques to offer a number of both defensive and offensive features. This paper brings together and analyzes the most innovative

As filtering policies are getting larger and more complex, packet filtering at firewalls needs to keep low delays. New firewall architectures are needed to enforce security and meet the increasing demand for high-speed networks. Two main architectures exist for parallelization, data-parallel and function-parallel firewalls. In the first, packets are distributed across a set of identical firewalls that

An adversary can use SSH communication as a route for information leakage or hacking. Many studies have focused on TCP header analysis to detect encrypted communication. However, SSH detection using TCP header analysis is limited when changing TCP port information or modifying components of the SSH protocol. Various machine-learning (ML) techniques have been introduced to enhance network traffic classification

Website hacking is a frequent attack type used by malicious actors to obtain confidential information, modify the integrity of web pages or make websites unavailable. The tools used by attackers are becoming more and more automated and sophisticated, and malicious machine learning agents seem to be the next development in this line. In order to provide ethical hackers with similar tools, and to understand

Executable files still remain popular to compromise the endpoint computers. These executable files are often obfuscated to avoid anti-virus programs. To examine all suspicious files from the Internet, dynamic analysis requires too much time. Therefore, a fast filtering method is required. With the recent development of natural language processing (NLP) techniques, printable strings became more effective

With numbers of exploitable vulnerabilities and attacks on networks constantly increasing, it is important to employ defensive techniques to protect one’s systems. A wide range of defenses are available and new paradigms such as Moving Target Defense (MTD) rise in popularity. But to make informed decisions on which defenses to implement, it is necessary to evaluate their effectiveness first. In many

Exploring novel security layers in academia and industry is always a concern due to the types of malware developing currently. Adding a widely applicable security layer into existing ones in terms of verification can be achieved by profiling users by their behaviors. A great candidate may be mouse dynamics. The nature of behavioral biometry based on mouse dynamics contains less sensitive data and still

Technologies for integrating enterprise web applications have improved rapidly over the years. The OAuth framework provides authentication and authorization using the users’ profile and credentials in an existing identity provider. This makes it possible for attackers to exploit any vulnerability arising from exchange of data with the provider. Vulnerability in OAuth authorization flow allows an attacker

We present the first constant-round, tree-based, group key exchange protocol based on SIDH with logarithmic-order communication and memory complexity, where the only previous isogeny-based group key exchange, SIBD, has linear-order communication and memory complexity. We call our protocol the supersingular isogeny tree-based group key exchange (SIT). We show that our protocol satisfies post-quantum

Anomaly-based detection techniques have a high number of false positives, which degrades the detection performance. To address this issue, we propose a distributed intrusion detection system, named ISM-AC, based on anomaly detection using artificial immune system and attack graph correlation. To analyze network traffic, we use negative selection, clonal selection, and immune network algorithms to implement

Man-in-the-Middle (MitM), one of the best known attacks in the world of computer security, is among the greatest concerns for professionals in the field. Main goal of MitM is to compromise confidentiality, integrity and availability of data flowing between source and destination. However, most of its many variants involve difficulties that make it not always possible. The present paper aims at modelling

Context-aware network logging is becoming more prevalent for enterprise networks, data centers, and forensics. Monitoring agents are strategically placed to generate log files from the activity of interests from various network points. In a distributed architecture, these agents are scattered across multiple nodes, and they have limited network visibility. Consequently, the resulting logs become fragmented

The recent digital revolution led robots to become integrated more than ever into different domains such as agricultural, medical, industrial, military, police (law enforcement), and logistics. Robots are devoted to serve, facilitate, and enhance the human life. However, many incidents have been occurring, leading to serious injuries and devastating impacts such as the unnecessary loss of human lives

Every month, several new protocols are popping up, comparing themselves with a few others and claiming to outperform the whole state of the art. The most popular domain of protocols is the one for authentication in a client–server architecture for which both symmetric key- and public key-based protocols are being proposed. The usage of public key-based mechanisms has several consequences, not only

In this paper, we present a framework for privacy preserving collaborative data analysis among multiple data providers acting as edge of a cloud environment. The proposed framework computes the best trade-off among privacy and result accuracy, based on the privacy requirements of data providers and the specific requested analysis algorithm. Though the presented model is general and can be applied to

For decades, code transformations have been a vital open problem in the field of system security, especially for cases like malware mutation engines that generate semantically equivalent forms of given malicious payloads. While there are abundant works on malware and on malware phylogenies classification and detection in general, the fundamental principles about malicious transformations to evade detection

Threat models and attack graphs have been used more than 20 years by enterprises and organizations for mapping the actions of potential adversaries, analyzing the effects of vulnerabilities and visualizing attack scenarios. Although efficient when describing high-level interactions in simpler enterprise networks, they fall short in modern decentralized systems, especially in microservices architectures

This paper deals with a well-known problem in the area of the smudge attacks: when a user draws a pattern to unlock the pattern lock on a smartphone screen, pattern extraction sometimes becomes difficult owing to the existence of the oily residuals around it. This is because the phone screen becomes obscured by these residuals, which significantly lower the guess rate of the pattern lock. To address

The safe maintenance of Node.js modules is critical in the software security industry. Most server-side web applications are built on Node.js, an environment that is highly dependent on modules. However, there is clear lack of research on Node.js module security. This study focuses particularly on prototype pollution vulnerability, which is an emerging security vulnerability type that has also not

Following recent comments in a NIST document related to threshold cryptographic standards, we examine the case of thresholdizing the HashEdDSA signature scheme. This is a deterministic signature scheme based on Edwards elliptic curves. Unlike DSA, it has a Schnorr-like signature equation, which is an advantage for threshold implementations, but it has the disadvantage of having the ephemeral secret

In a secret sharing scheme, a dealer, D, distributes shares of a secret, S among a set of n participants, such that only authorised subsets of these participants can reconstruct S, by pooling their shares. Unauthorised subsets should gain no information. An extensively researched area within this field is how to cope with participants who arbitrarily modify their shares (i.e. cheaters). A secret sharing

Many Android apps employ WebView, a component that enables the display of web content in the apps without redirecting users to web browser apps. However, WebView might also be used for cyberattacks. Moreover, to the best of our knowledge, although some countermeasures based on access control have been reported for attacks exploiting WebView, no mechanism for monitoring web access via WebView has been

The Controller Area Network (CAN) is the most widely employed communication protocol for in-vehicle applications. While many of its features qualify it as a suitable candidate for future use in automotive networking, the lack of security mechanisms makes it problematic for safety-critical applications. Recently, both the research community and the industry have proposed a large number of solutions

Advances within the toy industry and interconnectedness have resulted in the rapid and pervasive development of smart connected toys (SCTs), built with the capacity to collect terabytes of personal identifiable information, device context data, and play data. Any compromise of data stored, process, or transit can introduce privacy concerns, financial fraud concerns, and safety concerns, such as location

Since mobile applications make our lives easier, there is a large number of mobile applications customized for our needs in the application markets. While the application markets provide us a platform for downloading applications, it is also used by malware developers in order to distribute their malicious applications. In Android, permissions are used to prevent users from installing applications

The current train systems are heavily computerized which makes them highly prone to cyberattacks. Many functions in the trains are controlled by programmable logic controllers (PLCs) which make them an attractive target of attacks. By compromising the train’s PLCs, attackers can cause trains to operate in an unsafe environment and even lead to a fatal accident. In this paper, we investigated the current

Controlling the propagation of information in social networks is a problem of growing importance. On one hand, users wish to freely communicate and interact with their peers. On the other hand, the information they spread can bring to harmful consequences if it falls in the wrong hands. There is therefore a trade-off between utility, i.e. reaching as many intended nodes as possible, and privacy, i

The exchange of threat intelligence information can make a significant contribution to improving IT security in companies and has become increasingly important in recent years. However, such an exchange also entails costs and risks, preventing many companies from participating. In addition, since legal reporting requirements were introduced in various countries, certain requirements must be taken into

Card-based cryptography is an attractive and unconventional computation model; it provides secure computing methods using a deck of physical cards. It is noteworthy that a card-based protocol can be easily executed by non-experts such as high school students without the use of any electric device. One of the main goals in this discipline is to develop efficient protocols. The efficiency has been evaluated

Traditional pay-and-display ticket machines are currently coexisting, but will probably be replaced in the near future, with pay-by-phone applications. Such applications facilitate the payment for parking in regulated areas. Companies providing this service collect and manage information about all the parking transactions performed by drivers. That information is very sensitive and can be used to generate

Regulating the access to the Internet of Things (IoT) network’s resources is a complex-prone task, which requires to pay a great attention on how policies are defined, shared, and enforced. The present paper considers the specific context of a smart home, which represents one of the main IoT application domains, and it focuses on two solutions proposed in the literature to cope with the aforementioned

We introduce Password Authenticated Searchable Encryption (PASE), a novel searchable encryption scheme where a single human-memorizable password can be used to outsource (encrypted) data with associated keywords to a group of servers and later retrieve this data through the encrypted keyword search procedure. PASE ensures that only the legitimate user who knows the initially registered password can

The weakness of the security measures implemented on Internet of Things (IoT) devices, added to the sensitivity of the data that they handle, has created an attractive environment for cybercriminals to carry out attacks. This has caused a substantial increase in the number of cyberincidents, requiring the opening of digital investigations in order to shed light on what has occurred. However, the characteristics

Cardiac implantable electronic devices (CIED) are vulnerable to radio frequency (RF) cyber-attacks. Besides, CIED communicate with medical equipment whose telemetry capabilities and IP connectivity are creating new entry points that may be used by attackers. Therefore, it remains crucial to perform a cybersecurity risk assessment of CIED and the systems they rely on to determine the gravity of threats

The state-of-the-art contributions in the area of memory forensics are centered around uncovering potentially hidden processes, control flow and code pointer integrity manipulations and detecting malicious code injections done by attackers. At the same time, deployment of memory protection mechanisms like control flow integrity, data execution prevention/no-execute, address space layout randomization

With rapid technological development, mobile computing and wireless transmission have become mature. These two technologies can be combined for sharing medical records on social networks, but doing so depends on the secure sharing of a patient’s data between Pervasive Social Network (PSN) nodes. Previous research has revealed that most human sensors cannot support very heavy computation, so the computation

Nowadays, smart home devices like Amazon Echo and Google Home have reached mainstream popularity. Being in the homes of users, these devices are intrinsically intrusive, being able to access details such as users’ name, gender, home address, calendar appointments and others. There are growing concerns about indiscriminate data collection and invasion of user privacy in smart home devices, but studies

Public key infrastructure (PKI) is widely used over the Internet to secure and to encrypt communication among parties. PKI involves digital certificates which are managed by certificate authorities (CAs) that authenticate users identity, in order to establish encrypted communication channels. The centralized operation model of CAs has already caused several targeted attacks due to the distribution

As known, security system administrators need to be aware of the security risks and abnormal behaviors in a network system. Given the exploitation probability value of each vulnerability, the cumulative probability of an attack path from an attacker to a target node can be quantified and calculated, namely as the K maximum probability attack paths for a target node. It is proposed in this paper a design

The pervasive use of mobile technologies and GPS-equipped vehicles has resulted in a large number of moving objects databases. Privacy protection is one of the most significant challenges related to moving objects databases because of the legal requirements in many application domains. Over the last few years, several differentially private mechanisms have been proposed for moving objects databases

Information systems and cloud computing infrastructures are frequently exposed to various types of threats. Without detection and prevention mechanisms, the threats can materialize and cause different types of damages that usually lead to significant financial losses. The threats arise from a complex and multifaceted environment. Currently, organizations are struggling to identify the threats to their

Cloud communication is an intrinsic aspect of cloud architecture. It is an internet-based communication that enables access to millions of cloud services. These services are provided using TCP/UDP-based communications and protected by traditional security protocols (e.g., SSL/ TLS/DTLS). However, security threats in cloud communications become the most serious issue nowadays. To address some of the

Direct anonymous attestation (DAA) enables a platform including a trusted platform module (TPM) to produce a signature in order to remotely attest that it is in a certified state while preserving its anonymity. A main feature of DAA is that a TPM and a host together act as a signer, where the TPM is less powerful but trustworthy, whereas the host is more powerful but vulnerable to corruptions. Although

Cyberattacks, especially attacks that exploit operating system vulnerabilities, have been increasing in recent years. In particular, if administrator privileges are acquired by an attacker through a privilege escalation attack, the attacker can operate the entire system and cause serious damage. In this paper, we propose an additional kernel observer (AKO) that prevents privilege escalation attacks

The complexity of today’s integrated circuit (IC) supply chain, organised in several tiers and including many companies located in different countries, makes it challenging to assess the history and integrity of procured ICs. This enables malicious practices like counterfeiting and insertion of back doors, which are extremely dangerous, especially in supply chains of ICs for industrial control systems

Internet of Things (IoT) is an integration of various technologies to provide technological enhancements. To enforce access control on low power operated battery constrained devices is a challenging issue in IoT scenarios. Attribute-based encryption (ABE) has emerged as an access control mechanism to allow users to encrypt and decrypt data based on an attributes policy. However, to accommodate the

This paper successfully tackles the problem of processing a vast amount of security related data for the task of network intrusion detection. It employs Apache Spark, as a big data processing tool, for processing a large size of network traffic data. Also, we propose a hybrid scheme that combines the advantages of deep network and machine learning methods. Initially, stacked autoencoder network is

Internet of Things (IoT) and cloud computing are separate emerging paradigms, which are both an indispensable part of numerous ubiquitous devices that are connected to our life via the Internet. Their enactment and effectiveness are presumed to be more and more pervasive, making them essential ingredients of the Future Internet. Cloud data broadcast system is a novel framework where the advancement

The fragility of password-based authentication has been recognized and studied for several decades. It is an increasingly common industry practice to profile users based on their sessions context, such as IP ranges and Browser type in order to build a risk profile on an incoming authentication attempt. On the other hand, behavioral dynamics such as mouse and keyword features have been proposed in the

The skyrocketing growth rate of new malware brings novel challenges to protect computers and networks. Discerning truly novel malware from variants of known samples is a way to keep pace with this trend. This can be done by grouping known malware in families by similarity and classifying new samples into those families. As malware and their families evolve over time, approaches based on classifiers