05717nam 22007215 450 991087466000332120240909115227.09783031641718(electronic bk.)978303164170110.1007/978-3-031-64171-8(MiAaPQ)EBC31524474(Au-PeEL)EBL31524474(CKB)32733272000041(DE-He213)978-3-031-64171-8(EXLCZ)993273327200004120240711d2024 u| 0engurcnu||||||||txtrdacontentcrdamediacrrdacarrierDetection of Intrusions and Malware, and Vulnerability Assessment 21st International Conference, DIMVA 2024, Lausanne, Switzerland, July 17–19, 2024, Proceedings /edited by Federico Maggi, Manuel Egele, Mathias Payer, Michele Carminati1st ed. 2024.Cham :Springer Nature Switzerland :Imprint: Springer,2024.1 online resource (563 pages)Lecture Notes in Computer Science,1611-3349 ;14828Print version: Maggi, Federico Detection of Intrusions and Malware, and Vulnerability Assessment Cham : Springer International Publishing AG,c2024 9783031641701 -- Vulnerability Detection and Defense. -- Exceptional Interprocedural Control Flow Graphs for x86-64 Binaries. -- S2malloc: Statistically Secure Allocator for Use-After-Free Protection And More. -- Acoustic Side-Channel Attacks on a Computer Mouse. -- Using Semgrep OSS to Find OWASP Top 10 Weaknesses in PHP Applications: A Case Study. -- Modularized Directed Greybox Fuzzing for Binaries over Multiple CPU Architectures. -- Malware and Threats. -- Constructs of Deceit: Exploring Nuances in Modern Social Engineering Attacks. -- Tarallo: Evading Behavioral Malware Detectors in the Problem Space. -- Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method. -- Extended Abstract: Evading Packing Detection: Breaking Heuristic-Based Static Detectors. -- Listening between the Bits: Privacy Leaks in Audio Fingerprints. -- Mobile and Web Application Security. -- Bringing UFUs Back into the Air With FUEL: A Framework for Evaluating the Effectiveness of Unrestricted File Upload Vulnerability Scanners. -- SandPuppy: Deep-state fuzzing guided by automatic detection of state-representative variables. -- Extended Abstract - Tracking Manifests - Persistent Identifiers in Progressive Web Apps. -- PayRide: Secure Transport e-Ticketing with Untrusted Smartphone Location. -- Knocking on Admin’s Door: Protecting Critical Web Applications with Deception. -- AI for Security. -- Approach for the Optimization of Machine Learning Models for Calculating Binary Function Similarity. -- Inferring Recovery Steps from Cyber Threat Intelligence Reports. -- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs. -- Extended Abstract: Assessing Language Models for Semantic Textual Similarity in Cybersecurity. -- Extended Abstract: A Transfer Learning-based Training Approach for DGA Classification. -- Hardware and Firmware Security. -- Seum Spread: Discerning Security Flaws in IoT Firmware Via Call Sequence Semantics. -- Gluezilla: Efficient and Scalable Software to Hardware Binding using Rowhammer. -- SmmPack: Obfuscation for SMM Modules. -- Presshammer: Rowhammer and Rowpress without Physical Address Information. -- Cyber Physical Systems and IoT. -- SecMonS: A Security Monitoring Framework for IEC 61850 Substations Based on Configuration Files and Logs. -- FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids. -- Wireless Modulation Identification: filling the gap in IoT networks security audit. -- Extended Abstract: Assessing GNSS Vulnerabilities in Smart Grids.This book constitutes the proceedings of the 21st International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2024, held in Lausanne, Switzerland, during July 17–19, 2024. The 22 full papers and 6 short paper presented in this volume were carefully reviewed and selected from 110 submissions. The papers are organized in thematical sections named: vulnerability detection and defense; malware and threats; mobile and web application security; AI for security; hardware and firmware security; cyber physical systems and IoT.Lecture Notes in Computer Science,1611-3349 ;14828Data protectionComputer engineeringComputer networksComputersCriminologyQuantum physicsData and Information SecurityComputer Engineering and NetworksComputing MilieuxCrime Control and SecurityQuantum PhysicsData protection.Computer engineering.Computer networks.Computers.Criminology.Quantum physics.Data and Information Security.Computer Engineering and Networks.Computing Milieux.Crime Control and Security.Quantum Physics.005.8Maggi Federico1749710Egele Manuel1749711Payer Mathias1749712Carminati Michele1749713MiAaPQMiAaPQMiAaPQ9910874660003321Detection of Intrusions and Malware, and Vulnerability Assessment4183981UNINA