Detection of Intrusions and Malware, and Vulnerability Assessment [[electronic resource] ] : 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19–20, 2019, Proceedings / / edited by Roberto Perdisci, Clémentine Maurice, Giorgio Giacinto, Magnus Almgren
Edition [1st ed. 2019.]
Published/distributed/printed Cham : , : Springer International Publishing : , : Imprint : Springer, , 2019
Physical description 1 online resource (XV, 504 p. 220 illus., 105 illus. in color.)
Classification 353.00722
Series Security and Cryptology
Topical subject Computer security
Computer crimes
Computers
Operating systems (Computers)
Computer organization
Systems and Data Security
Computer Crime
Computing Milieux
Operating Systems
Information Systems and Communication Service
Computer Systems Organization and Communication Networks
ISBN 3-030-22038-9
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Wild Wild Web -- Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions -- New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild -- Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting -- On the Perils of Leaking Referrers in Online Collaboration Services -- Cyber-Physical Systems -- Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems -- Overshadow PLC to Detect Remote Control-Logic Injection Attacks -- A Security Evaluation of Industrial Radio Remote Controllers -- Understanding the Security of Traffic Signal Infrastructure -- Malware -- Practical Enclave Malware with Intel SGX -- How does Malware Use RDTSC? A Study on Operations Executed by Malware for CPU Cycle Measurement -- On Deception-Based Protection Against Cryptographic Ransomware -- PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware -- Software Security and Binary Analysis -- Memory Categorization: Separating Attacker-Controlled Data -- TypeMiner: Recovering Types in Binary Programs using Machine Learning -- SAFE: Self-Attentive Function Embeddings for Binary Similarity -- Triggerflow: Regression Testing by Advanced Execution Path Inspection -- Network Security -- Large-scale Analysis of Infrastructure-leaking DNS Servers -- Security In Plain TXT: Observing the Use of DNS TXT Records in the Wild -- No Need to Marry to Change Your Name! Attacking Profinet IO Automation Networks Using DCP -- DPX: Data-Plane eXtensions for SDN Security Service Instantiation -- Attack Mitigation -- Practical Password Hardening based on TLS -- Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks -- BinTrimmer: Towards Static Binary Debloating through Abstract Interpretation.
Record Nr. UNISA-996466325303316
Cham : , : Springer International Publishing : , : Imprint : Springer, , 2019
Printed material
Find it here: Univ. di Salerno
Detection of Intrusions and Malware, and Vulnerability Assessment : 16th International Conference, DIMVA 2019, Gothenburg, Sweden, June 19–20, 2019, Proceedings / / edited by Roberto Perdisci, Clémentine Maurice, Giorgio Giacinto, Magnus Almgren
Edition [1st ed. 2019.]
Published/distributed/printed Cham : , : Springer International Publishing : , : Imprint : Springer, , 2019
Physical description 1 online resource (XV, 504 p. 220 illus., 105 illus. in color.)
Classification 353.00722
005.8
Series Security and Cryptology
Topical subject Computer security
Computer crimes
Computers
Operating systems (Computers)
Computer organization
Systems and Data Security
Computer Crime
Computing Milieux
Operating Systems
Information Systems and Communication Service
Computer Systems Organization and Communication Networks
ISBN 3-030-22038-9
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Wild Wild Web -- Wild Extensions: Discovering and Analyzing Unlisted Chrome Extensions -- New Kid on the Web: A Study on the Prevalence of WebAssembly in the Wild -- Morellian Analysis for Browsers: Making Web Authentication Stronger With Canvas Fingerprinting -- On the Perils of Leaking Referrers in Online Collaboration Services -- Cyber-Physical Systems -- Detecting, Fingerprinting and Tracking Reconnaissance Campaigns Targeting Industrial Control Systems -- Overshadow PLC to Detect Remote Control-Logic Injection Attacks -- A Security Evaluation of Industrial Radio Remote Controllers -- Understanding the Security of Traffic Signal Infrastructure -- Malware -- Practical Enclave Malware with Intel SGX -- How does Malware Use RDTSC? A Study on Operations Executed by Malware for CPU Cycle Measurement -- On Deception-Based Protection Against Cryptographic Ransomware -- PowerDrive: Accurate De-Obfuscation and Analysis of PowerShell Malware -- Software Security and Binary Analysis -- Memory Categorization: Separating Attacker-Controlled Data -- TypeMiner: Recovering Types in Binary Programs using Machine Learning -- SAFE: Self-Attentive Function Embeddings for Binary Similarity -- Triggerflow: Regression Testing by Advanced Execution Path Inspection -- Network Security -- Large-scale Analysis of Infrastructure-leaking DNS Servers -- Security In Plain TXT: Observing the Use of DNS TXT Records in the Wild -- No Need to Marry to Change Your Name! Attacking Profinet IO Automation Networks Using DCP -- DPX: Data-Plane eXtensions for SDN Security Service Instantiation -- Attack Mitigation -- Practical Password Hardening based on TLS -- Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks -- BinTrimmer: Towards Static Binary Debloating through Abstract Interpretation.
Record Nr. UNINA-9910337858203321
Cham : , : Springer International Publishing : , : Imprint : Springer, , 2019
Printed material
Find it here: Univ. Federico II
Detection of Intrusions and Malware, and Vulnerability Assessment [[electronic resource] ] : 12th International Conference, DIMVA 2015, Milan, Italy, July 9-10, 2015, Proceedings / / edited by Magnus Almgren, Vincenzo Gulisano, Federico Maggi
Edition [1st ed. 2015.]
Published/distributed/printed Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015
Physical description 1 online resource (XII, 351 p. 98 illus.)
Classification 005.8
Series Security and Cryptology
Topical subject Computer security
E-commerce
Management information systems
Computer science
Systems and Data Security
e-Commerce/e-business
Management of Computing and Information Systems
ISBN 3-319-20550-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Intro -- Preface -- Organization -- Contents -- Attacks -- Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks -- 1 Introduction -- 2 Ransomware Data Set -- 2.1 Experimental Setup -- 3 Characterization and Evolution -- 3.1 File System Activity -- 3.2 Mitigation Strategies -- 4 Financial Incentives -- 4.1 Bitcoin as a Charging Method -- 5 Related Work -- 6 Conclusion -- References -- ``Nice Boots!'' - A Large-Scale Analysis of Bootkits and New Ways to Stop Them -- 1 Introduction -- 2 How Bootkits Interfere with the Boot Process -- 3 A Large Scale Analysis of Bootkit Technology -- 3.1 Large-Scale Bootkit Analysis Results -- 3.2 Historic Perspective on the Evolution of Bootkit Technology -- 4 Detecting and Preventing Bootkit Infections -- 4.1 Detecting Bootkit Attacks -- 4.2 Preventing Bootkit Infections -- 5 Bootcamp -- 6 Bootcamp Evaluation -- 6.1 Bootkit Detection Results -- 6.2 Bootkit Prevention Results -- 7 Discussion and Limitations -- 8 Related Work -- 9 Conclusion -- References -- C5: Cross-Cores Cache Covert Channel -- 1 Introduction -- 2 Background -- 2.1 Cache Fundamentals -- 2.2 Playing with Caches for Fun and Profit -- 2.3 The Problem of Addressing Uncertainty -- 3 C5 Covert Channel -- 3.1 Sender -- 3.2 Receiver -- 4 Experiments -- 4.1 Testbed -- 4.2 Native Environment -- 4.3 Virtualized Environment -- 4.4 Complex Addressing Matters -- 5 Discussion -- 5.1 Performance -- 5.2 Mitigation -- 6 Related Work -- 7 Conclusion -- References -- Attack Detection -- Intrusion Detection for Airborne Communication Using PHY-Layer Information -- 1 Introduction -- 2 Overview of ADS-B Security Concerns -- 3 Modeling False-Data Injection Attackers -- 4 Intrusion Detection -- 5 Experimental Design -- 6 Results -- 7 Conclusion and Future Work -- References -- That Ain't You: Blocking Spearphishing Through Behavioral Modelling.
1 Introduction -- 2 Behavioral Profiles -- 2.1 Features Characterizing an Email -- 2.2 Building Behavioral Profiles -- 3 Detecting Anomalous Emails -- 4 Evaluation -- 4.1 Evaluation Datasets -- 4.2 Analysis of the Classifier -- 4.3 Detecting Attack Emails -- 4.4 Performance of IdentityMailer -- 5 Discussion and Limitations -- 6 Related Work -- 7 Conclusions -- References -- Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics -- 1 Introduction -- 2 Preliminaries -- 2.1 Quantitative Data Flow Model -- 2.2 Windows Instantiation -- 3 Approach -- 3.1 Features -- 3.2 Training and Model Building Phase -- 3.3 Detection Phase -- 4 Evaluation -- 4.1 Prototype -- 4.2 Effectiveness -- 4.3 Efficiency -- 4.4 Summary and Threats to Validity -- 5 Related Work -- 6 Discussion and Conclusion -- References -- Binary Analysis and Mobile Malware Protection -- Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries -- 1 Introduction -- 2 Binary Analysis and Reverse Engineering -- 3 System Details -- 3.1 Step 1: Data Collection -- 3.2 Step 2: Clustering of Data-Flow Information -- 3.3 Step 3: Behavior Extraction -- 3.4 Step 4: Semantic Tagging -- 4 Experimental Evaluation -- 4.1 Dataset and Ground Truth -- 4.2 Parameter Estimation -- 4.3 Clustering Validation (Step 2) -- 4.4 Behavior Evaluation (Step 3) -- 5 Limitations and Future Work. -- 6 Related Work -- 7 Conclusions -- References -- Fine-Grained Control-Flow Integrity Through Binary Hardening -- 1 Introduction -- 2 Attack Model -- 3 Background and Related Work -- 3.1 Control-Flow Integrity -- 3.2 Dynamic Binary Translation -- 4 Lockdown Design -- 4.1 Rules for Control Transfers -- 4.2 Control Transfer Guards -- 4.3 Handling Stripped Binaries -- 5 Prototype Implementation -- 5.1 Runtime Optimizations -- 5.2 Control-Flow Particularities.
5.3 Implementation Heuristics -- 5.4 Binary Compatibility -- 6 Evaluation -- 6.1 Performance -- 6.2 Apache Case Study -- 6.3 Security and CFI Effectiveness Case-Study -- 6.4 Security Guarantees -- 7 Conclusion -- References -- Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software -- 1 Introduction -- 2 Energy Measurements -- 3 Experimental Setup and Datasets -- 4 Experimental Results -- 4.1 Energy Consumption vs. Scan Duration -- 4.2 Energy Consumption vs. Detection Outcome -- 4.3 Upon Installation vs. on Demand Detection -- 4.4 Size Does Matter -- 4.5 Display vs. CPU Energy Consumption -- 4.6 Internet Connectivity (WiFi) -- 5 Efficiency Guidelines -- 5.1 Detection Heuristics and Behavior -- 5.2 Visual Design -- 6 Limitations and Future Work -- 7 Related Work -- 8 Conclusion -- References -- Social Networks and Large-Scale Attacks -- The Role of Cloud Services in Malicious Software: Trends and Insights -- 1 Introduction -- 2 Approach -- 2.1 Platform Description -- 3 Experiments -- 3.1 Role of Public Cloud Services in Malware Infrastructures -- 3.2 Dedicated Domains Lifetime Estimation -- 4 Discussion -- 5 Related Work -- 6 Conclusion -- References -- Capturing DDoS Attack Dynamics Behind the Scenes -- 1 Introduction -- 2 Dataset Collection -- 3 Attack Dynamics -- 3.1 Bots Shift Pattern Analysis -- 3.2 Mathematical Representation of Shift Patterns -- 4 Related Work -- 5 Conclusion -- References -- Quit Playing Games with My Heart: Understanding Online Dating Scams -- 1 Introduction -- 2 Background and Problem Study -- 2.1 Online Dating Sites -- 2.2 Case Study: Jiayuan -- 2.3 Threat Model: Online Dating Scams -- 3 Methodology -- 3.1 Behavioral-Based Detection System -- 3.2 IP Address-Based Detection System -- 3.3 Photograph-Based Detection System -- 3.4 Text-Based Detection System -- 4 Description of the Scam Account Dataset.
5 A Taxonomy of Online Dating Scammers -- 6 Analysis of the Scam Account Dataset -- 6.1 Demographics of Different Scam Account Types -- 6.2 Strategies Used by Different Scam Account Types -- 7 Discussion -- 7.1 Scammers Are Perseverant -- 7.2 Future Work -- 8 Related Work -- 9 Conclusions -- References -- Web and Mobile Security -- More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations -- 1 Introduction -- 2 Background -- 2.1 Authorization Code Flow -- 2.2 Cross Site Request Forgery -- 3 Attack -- 3.1 CSRF in OAuth -- 3.2 Developer Implementation Problems -- 3.3 Mitigation -- 4 CSRF in the Wild -- 4.1 Web Crawler Design and Implementation -- 4.2 Data Collection Setup -- 4.3 Results -- 5 Case Studies -- 5.1 Missing Documentation -- 5.2 Incorrect Code Samples -- 5.3 Inconsistent Requirements -- 5.4 Lack of Enforcement -- 5.5 Recommended Approaches to Mitigation -- 6 Discussion -- 6.1 Comparison to HTTPS Use -- 6.2 OAuth 1.0 -- 7 Related Work -- 8 Conclusion -- References -- May I? - Content Security Policy Endorsement for Browser Extensions -- 1 Introduction -- 2 Empirical Study -- 2.1 Extension Analysis -- 3 Extension Framework Analysis -- 3.1 Resource Loading Through Content Scripts -- 3.2 Case Study: Rapportive -- 4 CSP Endorsement -- 4.1 Endorsement Workflow -- 4.2 Prototype Implementation -- 5 Evaluation -- 5.1 Experiment Set-Up -- 5.2 Results -- 6 Related Work -- 7 Conclusion -- References -- On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users -- 1 Introduction -- 2 Overview -- 3 System Details -- 3.1 Symbolic Executor -- 3.2 Policy Extractor -- 3.3 Application Rewriter -- 4 Practicality Evaluation -- 4.1 Results and Quality of Static Analysis -- 4.2 Quality of the Security Policies -- 4.3 Size of the Security Policies.
4.4 Discussion and Limitations -- 5 Viable Workflows -- 6 Security Implications and Benefits -- 7 Related Work -- 8 Conclusion and Future Work -- References -- Provenance and Data Sharing -- Identifying Intrusion Infections via Probabilistic Inference on Bayesian Network -- 1 Introduction -- 2 Related Work -- 3 Temporal Dependency Network -- 3.1 Dependency Relationships -- 3.2 Temporal Dependency Network -- 4 Proposed Method -- 4.1 Problem Description -- 4.2 Overview -- 4.3 Probabilistic Bayesian Network Model -- 4.4 Probabilistic Inference -- 5 Experimental Evaluation -- 5.1 Data Set -- 5.2 Methodology -- 5.3 Experiment Results -- 6 Conclusion -- References -- Controlled Data Sharing for Collaborative Predictive Blacklisting -- 1 Introduction -- 1.1 Problem Statement -- 1.2 Roadmap -- 2 Related Work -- 3 Preliminaries -- 3.1 System Model -- 3.2 Cryptographic Tools -- 3.3 Predictive Blacklisting -- 4 Collaborative Predictive Blacklisting via Controlled Data Sharing -- 4.1 Benefit Estimation -- 4.2 Establishing Partnerships -- 4.3 Data Sharing -- 5 The DShield Dataset -- 5.1 Original Dataset -- 5.2 Measurements and Observations -- 5.3 Final Dataset -- 6 Experimental Analysis -- 6.1 Experimental Setup -- 6.2 Different Benefit Estimation Metrics -- 6.3 Analysis -- 6.4 Different Sharing Strategies -- 6.5 Performance of Cryptographic Tools -- 6.6 Take-Aways -- 7 Conclusion -- References -- Author Index.
Record Nr. UNISA-996198514503316
Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015
Printed material
Find it here: Univ. di Salerno
Detection of Intrusions and Malware, and Vulnerability Assessment : 12th International Conference, DIMVA 2015, Milan, Italy, July 9-10, 2015, Proceedings / / edited by Magnus Almgren, Vincenzo Gulisano, Federico Maggi
Edition [1st ed. 2015.]
Published/distributed/printed Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015
Physical description 1 online resource (XII, 351 p. 98 illus.)
Classification 005.8
Series Security and Cryptology
Topical subject Computer security
E-commerce
Management information systems
Computer science
Systems and Data Security
e-Commerce/e-business
Management of Computing and Information Systems
ISBN 3-319-20550-1
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Intro -- Preface -- Organization -- Contents -- Attacks -- Cutting the Gordian Knot: A Look Under the Hood of Ransomware Attacks -- 1 Introduction -- 2 Ransomware Data Set -- 2.1 Experimental Setup -- 3 Characterization and Evolution -- 3.1 File System Activity -- 3.2 Mitigation Strategies -- 4 Financial Incentives -- 4.1 Bitcoin as a Charging Method -- 5 Related Work -- 6 Conclusion -- References -- ``Nice Boots!'' - A Large-Scale Analysis of Bootkits and New Ways to Stop Them -- 1 Introduction -- 2 How Bootkits Interfere with the Boot Process -- 3 A Large Scale Analysis of Bootkit Technology -- 3.1 Large-Scale Bootkit Analysis Results -- 3.2 Historic Perspective on the Evolution of Bootkit Technology -- 4 Detecting and Preventing Bootkit Infections -- 4.1 Detecting Bootkit Attacks -- 4.2 Preventing Bootkit Infections -- 5 Bootcamp -- 6 Bootcamp Evaluation -- 6.1 Bootkit Detection Results -- 6.2 Bootkit Prevention Results -- 7 Discussion and Limitations -- 8 Related Work -- 9 Conclusion -- References -- C5: Cross-Cores Cache Covert Channel -- 1 Introduction -- 2 Background -- 2.1 Cache Fundamentals -- 2.2 Playing with Caches for Fun and Profit -- 2.3 The Problem of Addressing Uncertainty -- 3 C5 Covert Channel -- 3.1 Sender -- 3.2 Receiver -- 4 Experiments -- 4.1 Testbed -- 4.2 Native Environment -- 4.3 Virtualized Environment -- 4.4 Complex Addressing Matters -- 5 Discussion -- 5.1 Performance -- 5.2 Mitigation -- 6 Related Work -- 7 Conclusion -- References -- Attack Detection -- Intrusion Detection for Airborne Communication Using PHY-Layer Information -- 1 Introduction -- 2 Overview of ADS-B Security Concerns -- 3 Modeling False-Data Injection Attackers -- 4 Intrusion Detection -- 5 Experimental Design -- 6 Results -- 7 Conclusion and Future Work -- References -- That Ain't You: Blocking Spearphishing Through Behavioral Modelling.
1 Introduction -- 2 Behavioral Profiles -- 2.1 Features Characterizing an Email -- 2.2 Building Behavioral Profiles -- 3 Detecting Anomalous Emails -- 4 Evaluation -- 4.1 Evaluation Datasets -- 4.2 Analysis of the Classifier -- 4.3 Detecting Attack Emails -- 4.4 Performance of IdentityMailer -- 5 Discussion and Limitations -- 6 Related Work -- 7 Conclusions -- References -- Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics -- 1 Introduction -- 2 Preliminaries -- 2.1 Quantitative Data Flow Model -- 2.2 Windows Instantiation -- 3 Approach -- 3.1 Features -- 3.2 Training and Model Building Phase -- 3.3 Detection Phase -- 4 Evaluation -- 4.1 Prototype -- 4.2 Effectiveness -- 4.3 Efficiency -- 4.4 Summary and Threats to Validity -- 5 Related Work -- 6 Discussion and Conclusion -- References -- Binary Analysis and Mobile Malware Protection -- Jackdaw: Towards Automatic Reverse Engineering of Large Datasets of Binaries -- 1 Introduction -- 2 Binary Analysis and Reverse Engineering -- 3 System Details -- 3.1 Step 1: Data Collection -- 3.2 Step 2: Clustering of Data-Flow Information -- 3.3 Step 3: Behavior Extraction -- 3.4 Step 4: Semantic Tagging -- 4 Experimental Evaluation -- 4.1 Dataset and Ground Truth -- 4.2 Parameter Estimation -- 4.3 Clustering Validation (Step 2) -- 4.4 Behavior Evaluation (Step 3) -- 5 Limitations and Future Work. -- 6 Related Work -- 7 Conclusions -- References -- Fine-Grained Control-Flow Integrity Through Binary Hardening -- 1 Introduction -- 2 Attack Model -- 3 Background and Related Work -- 3.1 Control-Flow Integrity -- 3.2 Dynamic Binary Translation -- 4 Lockdown Design -- 4.1 Rules for Control Transfers -- 4.2 Control Transfer Guards -- 4.3 Handling Stripped Binaries -- 5 Prototype Implementation -- 5.1 Runtime Optimizations -- 5.2 Control-Flow Particularities.
5.3 Implementation Heuristics -- 5.4 Binary Compatibility -- 6 Evaluation -- 6.1 Performance -- 6.2 Apache Case Study -- 6.3 Security and CFI Effectiveness Case-Study -- 6.4 Security Guarantees -- 7 Conclusion -- References -- Powerslave: Analyzing the Energy Consumption of Mobile Antivirus Software -- 1 Introduction -- 2 Energy Measurements -- 3 Experimental Setup and Datasets -- 4 Experimental Results -- 4.1 Energy Consumption vs. Scan Duration -- 4.2 Energy Consumption vs. Detection Outcome -- 4.3 Upon Installation vs. on Demand Detection -- 4.4 Size Does Matter -- 4.5 Display vs. CPU Energy Consumption -- 4.6 Internet Connectivity (WiFi) -- 5 Efficiency Guidelines -- 5.1 Detection Heuristics and Behavior -- 5.2 Visual Design -- 6 Limitations and Future Work -- 7 Related Work -- 8 Conclusion -- References -- Social Networks and Large-Scale Attacks -- The Role of Cloud Services in Malicious Software: Trends and Insights -- 1 Introduction -- 2 Approach -- 2.1 Platform Description -- 3 Experiments -- 3.1 Role of Public Cloud Services in Malware Infrastructures -- 3.2 Dedicated Domains Lifetime Estimation -- 4 Discussion -- 5 Related Work -- 6 Conclusion -- References -- Capturing DDoS Attack Dynamics Behind the Scenes -- 1 Introduction -- 2 Dataset Collection -- 3 Attack Dynamics -- 3.1 Bots Shift Pattern Analysis -- 3.2 Mathematical Representation of Shift Patterns -- 4 Related Work -- 5 Conclusion -- References -- Quit Playing Games with My Heart: Understanding Online Dating Scams -- 1 Introduction -- 2 Background and Problem Study -- 2.1 Online Dating Sites -- 2.2 Case Study: Jiayuan -- 2.3 Threat Model: Online Dating Scams -- 3 Methodology -- 3.1 Behavioral-Based Detection System -- 3.2 IP Address-Based Detection System -- 3.3 Photograph-Based Detection System -- 3.4 Text-Based Detection System -- 4 Description of the Scam Account Dataset.
5 A Taxonomy of Online Dating Scammers -- 6 Analysis of the Scam Account Dataset -- 6.1 Demographics of Different Scam Account Types -- 6.2 Strategies Used by Different Scam Account Types -- 7 Discussion -- 7.1 Scammers Are Perseverant -- 7.2 Future Work -- 8 Related Work -- 9 Conclusions -- References -- Web and Mobile Security -- More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations -- 1 Introduction -- 2 Background -- 2.1 Authorization Code Flow -- 2.2 Cross Site Request Forgery -- 3 Attack -- 3.1 CSRF in OAuth -- 3.2 Developer Implementation Problems -- 3.3 Mitigation -- 4 CSRF in the Wild -- 4.1 Web Crawler Design and Implementation -- 4.2 Data Collection Setup -- 4.3 Results -- 5 Case Studies -- 5.1 Missing Documentation -- 5.2 Incorrect Code Samples -- 5.3 Inconsistent Requirements -- 5.4 Lack of Enforcement -- 5.5 Recommended Approaches to Mitigation -- 6 Discussion -- 6.1 Comparison to HTTPS Use -- 6.2 OAuth 1.0 -- 7 Related Work -- 8 Conclusion -- References -- May I? - Content Security Policy Endorsement for Browser Extensions -- 1 Introduction -- 2 Empirical Study -- 2.1 Extension Analysis -- 3 Extension Framework Analysis -- 3.1 Resource Loading Through Content Scripts -- 3.2 Case Study: Rapportive -- 4 CSP Endorsement -- 4.1 Endorsement Workflow -- 4.2 Prototype Implementation -- 5 Evaluation -- 5.1 Experiment Set-Up -- 5.2 Results -- 6 Related Work -- 7 Conclusion -- References -- On the Security and Engineering Implications of Finer-Grained Access Controls for Android Developers and Users -- 1 Introduction -- 2 Overview -- 3 System Details -- 3.1 Symbolic Executor -- 3.2 Policy Extractor -- 3.3 Application Rewriter -- 4 Practicality Evaluation -- 4.1 Results and Quality of Static Analysis -- 4.2 Quality of the Security Policies -- 4.3 Size of the Security Policies.
4.4 Discussion and Limitations -- 5 Viable Workflows -- 6 Security Implications and Benefits -- 7 Related Work -- 8 Conclusion and Future Work -- References -- Provenance and Data Sharing -- Identifying Intrusion Infections via Probabilistic Inference on Bayesian Network -- 1 Introduction -- 2 Related Work -- 3 Temporal Dependency Network -- 3.1 Dependency Relationships -- 3.2 Temporal Dependency Network -- 4 Proposed Method -- 4.1 Problem Description -- 4.2 Overview -- 4.3 Probabilistic Bayesian Network Model -- 4.4 Probabilistic Inference -- 5 Experimental Evaluation -- 5.1 Data Set -- 5.2 Methodology -- 5.3 Experiment Results -- 6 Conclusion -- References -- Controlled Data Sharing for Collaborative Predictive Blacklisting -- 1 Introduction -- 1.1 Problem Statement -- 1.2 Roadmap -- 2 Related Work -- 3 Preliminaries -- 3.1 System Model -- 3.2 Cryptographic Tools -- 3.3 Predictive Blacklisting -- 4 Collaborative Predictive Blacklisting via Controlled Data Sharing -- 4.1 Benefit Estimation -- 4.2 Establishing Partnerships -- 4.3 Data Sharing -- 5 The DShield Dataset -- 5.1 Original Dataset -- 5.2 Measurements and Observations -- 5.3 Final Dataset -- 6 Experimental Analysis -- 6.1 Experimental Setup -- 6.2 Different Benefit Estimation Metrics -- 6.3 Analysis -- 6.4 Different Sharing Strategies -- 6.5 Performance of Cryptographic Tools -- 6.6 Take-Aways -- 7 Conclusion -- References -- Author Index.
Record Nr. UNINA-9910484264903321
Cham : , : Springer International Publishing : , : Imprint : Springer, , 2015
Printed material
Find it here: Univ. Federico II
Recent Advances in Intrusion Detection [[electronic resource] ] : 7th International Symposium, RAID 2004, Sophia Antipolis, France, September 15-17, 2004, Proceedings / / edited by Erland Jonsson, Alfonso Valdes, Magnus Almgren
Edition [1st ed. 2004.]
Published/distributed/printed Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2004
Physical description 1 online resource (X, 322 p.)
Classification 005.8
Series Lecture Notes in Computer Science
Topical subject Management information systems
Computer science
Data encryption (Computer science)
Computer security
Computers and civilization
Computer communication systems
Operating systems (Computers)
Management of Computing and Information Systems
Cryptology
Systems and Data Security
Computers and Society
Computer Communication Networks
Operating Systems
ISBN 3-540-30143-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Modelling Process Behaviour -- Automatic Extraction of Accurate Application-Specific Sandboxing Policy -- Context Sensitive Anomaly Monitoring of Process Control Flow to Detect Mimicry Attacks and Impossible Paths -- Detecting Worms and Viruses -- HoneyStat: Local Worm Detection Using Honeypots -- Fast Detection of Scanning Worm Infections -- Detecting Unknown Massive Mailing Viruses Using Proactive Methods -- Attack and Alert Analysis -- Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection -- Attack Analysis and Detection for Ad Hoc Routing Protocols -- On the Design and Use of Internet Sinks for Network Abuse Monitoring -- Practical Experience -- Monitoring IDS Background Noise Using EWMA Control Charts and Alert Information -- Symantec Deception Server Experience with a Commercial Deception System -- Anomaly Detection -- Anomalous Payload-Based Network Intrusion Detection -- Anomaly Detection Using Layered Networks Based on Eigen Co-occurrence Matrix -- Seurat: A Pointillist Approach to Anomaly Detection -- Formal Analysis for Intrusion Detection -- Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds -- Formal Reasoning About Intrusion Detection Systems -- RheoStat: Real-Time Risk Management.
Record Nr. UNISA-996465663503316
Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2004
Printed material
Find it here: Univ. di Salerno
Recent Advances in Intrusion Detection : 7th International Symposium, RAID 2004, Sophia Antipolis, France, September 15-17, 2004, Proceedings / / edited by Erland Jonsson, Alfonso Valdes, Magnus Almgren
Edition [1st ed. 2004.]
Published/distributed/printed Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2004
Physical description 1 online resource (X, 322 p.)
Classification 005.8
Series Lecture Notes in Computer Science
Topical subject Management information systems
Computer science
Data encryption (Computer science)
Computer security
Computers and civilization
Computer communication systems
Operating systems (Computers)
Management of Computing and Information Systems
Cryptology
Systems and Data Security
Computers and Society
Computer Communication Networks
Operating Systems
ISBN 3-540-30143-7
Format Printed material
Bibliographic level Monograph
Language of publication eng
Contents note Modelling Process Behaviour -- Automatic Extraction of Accurate Application-Specific Sandboxing Policy -- Context Sensitive Anomaly Monitoring of Process Control Flow to Detect Mimicry Attacks and Impossible Paths -- Detecting Worms and Viruses -- HoneyStat: Local Worm Detection Using Honeypots -- Fast Detection of Scanning Worm Infections -- Detecting Unknown Massive Mailing Viruses Using Proactive Methods -- Attack and Alert Analysis -- Using Adaptive Alert Classification to Reduce False Positives in Intrusion Detection -- Attack Analysis and Detection for Ad Hoc Routing Protocols -- On the Design and Use of Internet Sinks for Network Abuse Monitoring -- Practical Experience -- Monitoring IDS Background Noise Using EWMA Control Charts and Alert Information -- Symantec Deception Server Experience with a Commercial Deception System -- Anomaly Detection -- Anomalous Payload-Based Network Intrusion Detection -- Anomaly Detection Using Layered Networks Based on Eigen Co-occurrence Matrix -- Seurat: A Pointillist Approach to Anomaly Detection -- Formal Analysis for Intrusion Detection -- Detection of Interactive Stepping Stones: Algorithms and Confidence Bounds -- Formal Reasoning About Intrusion Detection Systems -- RheoStat: Real-Time Risk Management.
Record Nr. UNINA-9910144348403321
Berlin, Heidelberg : , : Springer Berlin Heidelberg : , : Imprint : Springer, , 2004
Printed material
Find it here: Univ. Federico II