Info
- Utilizzare la checkbox di selezione a fianco di ciascun documento per attivare le funzionalità di stampa, invio email, download nei formati disponibili del (i) record.
Computer Security. ESORICS 2023 International Workshops : CyberICS, DPM, CBT, and SECPRE, the Hague, the Netherlands, September 25-29, 2023, Revised Selected Papers, Part I
| Computer Security. ESORICS 2023 International Workshops : CyberICS, DPM, CBT, and SECPRE, the Hague, the Netherlands, September 25-29, 2023, Revised Selected Papers, Part I |
| Autore | Katsikas Sokratis |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Cham : , : Springer, , 2024 |
| Descrizione fisica | 1 online resource (518 pages) |
| Altri autori (Persone) |
Cuppensédéric
Cuppens-BoulahiaNora LambrinoudakisCostas Garcia-AlfaroJoaquin Navarro-ArribasGuillermo NespoliPantaleone KalloniatisChristos MylopoulosJohn AntónAnnie |
| Collana | Lecture Notes in Computer Science Series |
| ISBN | 3-031-54204-5 |
| Formato | Materiale a stampa  |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Contents - Part I -- Contents - Part II -- Effects of Organizational Cyber Security Culture Across the Energy Sector Supply Chain -- 1 Introduction -- 2 Related Work -- 2.1 Supply Chain Cyber Security -- 2.2 Cyber Security Culture -- 3 Method -- 3.1 Problem Identification and Literature Review -- 3.2 Data Collection and Analysis -- 3.3 Data Interpretation and Reporting -- 4 Results -- 4.1 Governance -- 4.2 Preparedness and Incident Response -- 4.3 Supply Chain Challenges -- 4.4 Trust -- 4.5 Looking Towards Others and Propagation of Trust -- 4.6 The Impact of Organization Size -- 5 Discussion -- 5.1 Discussion of Main Research Questions -- 5.2 Exploration of Additional Findings -- 6 Conclusion and Future Work -- References -- METRICS: A Methodology for Evaluating and Testing the Resilience of Industrial Control Systems to Cyberattacks -- 1 Introduction -- 2 Cybersecurity Research for ICSs -- 2.1 Testbeds -- 2.2 Datasets -- 2.3 Related Work -- 2.4 Toward a Cross-Domain ICS Evaluation -- 3 METRICS: A Cybersecurity Evaluation Methodology for ICSs -- 3.1 Exchangeable Evaluation Environment -- 3.2 Adversaries and Responses -- 3.3 Cross-Domain Metrics -- 3.4 Evaluation Control -- 4 Use Case: METRICS for Power Grids -- 4.1 Evaluation Phases -- 4.2 Discussion -- 5 Toward Cross-Domain Resilience -- 6 Conclusion -- A Environment Description File Example -- B Scenario Description File Example -- References -- Threat Analysis in Dairy Farming 4.0 -- 1 Introduction -- 2 Related Work -- 3 CPSs of a Dairy Farm 4.0 -- 4 Threat Modeling and Risk Assessment -- 4.1 Methodology -- 4.2 Threats and Risks in the Dairy Farm 4.0 -- 5 Conclusions -- References -- Overview of Social Engineering Protection and Prevention Methods -- 1 Introduction -- 2 Method Selection Methodology -- 3 Analysis -- 3.1 Overview of Protection Method Categories.
3.2 Criteria for Method Evaluation -- 3.3 Evaluation Results -- 3.4 Analysis of Evaluation Results -- 4 Conclusion -- References -- Skade - A Challenge Management System for Cyber Threat Hunting -- 1 Introduction -- 2 Related Work -- 3 Hypotheses Concerning Threat Hunting Training -- 3.1 Ensuring Constructive Alignment -- 3.2 Supporting Motivating Setting -- 3.3 Providing Feedback and Assessment -- 3.4 Covering Multiple Learning Dimensions -- 4 Realization of the Challenge Manager Skade -- 4.1 Features -- 4.2 Functions -- 4.3 Example Based on the Nordic-US Exercise of 2023 -- 5 Discussion -- 5.1 Skade as a Design Science Effort -- 5.2 Trainees and Requirements on Challenges -- 5.3 Interaction with Emulators -- 5.4 Learning Objectives and Learning Activities -- 5.5 Experiment Plan and Tests of Hypotheses -- 6 Conclusion -- References -- On the Usage of NLP on CVE Descriptions for Calculating Risk -- 1 Introduction -- 2 Cybersecurity Related Background -- 2.1 Common Vulnerabilities and Exposures (CVE) -- 2.2 Common Platform Enumeration (CPE) -- 2.3 Common Weakness Enumeration (CWE) -- 2.4 Common Attack Pattern Enumeration and Classification (CAPEC) -- 2.5 National Vulnerability Database (NVD) -- 2.6 Common Vulnerability Scoring System (CVSS) -- 3 Related Work -- 4 Natural Language Processing Background -- 4.1 Text Classification -- 4.2 spaCy -- 5 Implementation -- 6 Conclusion -- References -- Evaluation of an OPC UA-Based Access Control Enforcement Architecture -- 1 Introduction -- 2 Related Work -- 3 Architecture -- 3.1 Protocol Modeling -- 4 Implementation -- 5 Experiment -- 6 Results -- 6.1 Results on Connection Experiments -- 6.2 Results on Access Resource Experiments -- 6.3 Results on Different Token Expiry Times -- 6.4 Result on Different Token Sizes -- 6.5 Results on Lowering the CPU Clock Frequency of the Resource Server. 7 Suggestions on Optimizations of Session Activation -- 8 Discussion -- 8.1 Recommendations -- 8.2 Limitations and Impact -- 9 Conclusions -- References -- HoneyEVSE: An Honeypot to Emulate Electric Vehicle Supply Equipments -- 1 Introduction -- 2 Background -- 2.1 Internet Exchange Point -- 2.2 Honeypot -- 2.3 Vehicle-to-Grid (V2G) -- 3 Related Work -- 4 HoneyEVSE Honeypot -- 4.1 Architecture -- 4.2 Physical Process -- 4.3 Services and Interaction -- 4.4 Data Logging -- 5 Results -- 5.1 Interactions Analysis -- 5.2 Interactions Origin -- 6 Conclusion -- References -- DPM 2023 -- Foreword from the DPM 2023 Program Chairs -- 18th International Workshop on Data Privacy Management - DPM 2023 -- PC Chairs -- Program Committee -- Steering Committee -- Additional Reviewers -- Not Only Security and Privacy: The Evolving Ethical and Legal Challenges of E-Commerce -- 1 Introduction -- 2 Background -- 3 Methodology and Research Strategy -- 3.1 Research Questions -- 4 Results -- 4.1 The `old' Ethical Dilemmas of E-Commerce -- 4.2 The `New' Ethical Dilemmas of E-Commerce -- 5 Conclusions -- References -- Synthetic Is All You Need: Removing the Auxiliary Data Assumption for Membership Inference Attacks Against Synthetic Data -- 1 Introduction -- 2 Background and Related Work -- 2.1 Synthetic Data Generation -- 2.2 Membership Inference Attacks Against Synthetic Tabular Data -- 3 Attack Scenarios -- 3.1 (S0) Auxiliary -- 3.2 (S1) Black Box -- 3.3 (S2) Published -- 3.4 (S3) Upper Bound -- 4 Experimental Setup -- 4.1 Synthetic Data Generators -- 4.2 Real World Datasets -- 4.3 Meta-classifier Methods -- 4.4 Parameters of the Attack -- 5 Results -- 5.1 Query Based Attack -- 5.2 Target Attention Attack -- 5.3 Robustness Analysis for Number of Synthetic Records m -- 6 Future Work -- 6.1 Impact of Releasing Less Synthetic Records. 6.2 Differentially Private Synthetic Generation Methods -- 6.3 Bridging the Gap with the Upper Bound -- 7 Conclusion -- References -- Patient-Centric Health Data Sovereignty: An Approach Using Proxy Re-Encryption -- 1 Introduction -- 2 Proxy Re-Encryption -- 2.1 Syntax and Basic Definitions -- 2.2 Umbral's PRE Scheme -- 3 Related Work -- 4 Patient-Centric Health Data Sovereignty -- 4.1 Proposed Solution -- 4.2 Authentication/Authorisation -- 4.3 Access Delegation Scenario -- 4.4 Break-Glass Approach -- 5 Performance Analysis -- 6 Conclusion -- References -- PrivacySmart: Automatic and Transparent Management of Privacy Policies -- 1 Introduction -- 1.1 Related Work -- 1.2 Contribution and Plan of This Paper -- 2 Proposal Description -- 2.1 System Architecture Overview -- 2.2 User Privacy Preferences -- 2.3 Pop-Up Interaction Module -- 2.4 Consent Smart Contract -- 2.5 Workflow -- 3 Discussion -- 3.1 Implementation -- 3.2 Evaluation -- 4 Conclusions and Future Work -- References -- Try On, Spied On?: Privacy Analysis of Virtual Try-On Websites and Android Apps -- 1 Introduction -- 2 Related Work -- 3 Methodology -- 3.1 Collection of VTO Providers, Websites and Apps -- 3.2 Analyzing the Sharing of Users' Images on VTO Websites/Apps -- 3.3 Analyzing Privacy Policies w.r.t VTO Feature -- 3.4 Measurement of Trackers -- 3.5 Analysing VTO Service Providers -- 4 Results -- 4.1 Sharing of Users' Images on VTO Featuring Websites -- 4.2 Privacy Policy Analysis w.r.t VTO Feature on Websites -- 4.3 Sharing of Users' Images on VTO Featuring Apps -- 4.4 Privacy Policy Analysis w.r.t VTO Feature on Apps -- 4.5 Measurement of Trackers -- 4.6 Analysis of VTO Service Providers -- 5 Conclusion -- References -- Integrally Private Model Selection for Support Vector Machine -- 1 Introduction -- 2 Preliminaries -- 2.1 Support Vector Machine (SVM). 2.2 Model Comparison Attack for SVM and Integral Privacy -- 3 Methodology -- 3.1 Overview -- 3.2 Datasets -- 3.3 Creation of Partitions -- 3.4 Integrally Private SVM (IPSVM) -- 4 Results -- 4.1 Drawbacks -- 5 Conclusion and Future Work -- References -- Differentially Private Traffic Flow Prediction Using Transformers: A Federated Approach -- 1 Introduction -- 2 Preliminaries -- 2.1 Federated Learning -- 2.2 Differential Privacy -- 2.3 Temporal Fusion Transformers -- 3 Related Work -- 4 Differentially Private Federated Traffic Flow Prediction Using Temporal Fusion Transformers -- 4.1 Client-Side Training -- 4.2 Model Perturbation -- 4.3 Aggregation Algorithm -- 5 Dataset and Experimental Settings -- 6 Results and Analysis -- 7 Conclusion and Future Works -- References -- Analyzing Continuous Ks-Anonymization for Smart Meter Data -- 1 Introduction -- 2 Problem Statement and Related Work -- 3 ks-Anonymity and CASTLE -- 4 Evaluation -- 5 Conclusion -- References -- Towards Real-World Private Computations with Homomorphic Encryption: Current Solutions and Open Challenges -- 1 Introduction -- 2 Industrial Context -- 3 Background -- 4 Available Libraries -- 4.1 HElib -- 4.2 SEAL -- 4.3 PALISADE -- 4.4 OpenFHE -- 4.5 TFHE -- 4.6 Concrete -- 4.7 LATTIGO -- 5 Towards Real-World HE Applications: HELT -- 6 Related Work -- 7 Conclusion -- References -- AddShare: A Privacy-Preserving Approach for Federated Learning -- 1 Introduction -- 2 Background and Related Work -- 2.1 Federated Learning Attacks -- 2.2 Privacy in Federated Learning -- 3 The AddShare Approach -- 3.1 Threat Models -- 3.2 AddShare Algorithm -- 3.3 Implemented AddShare Variants -- 4 Empirical Evaluation -- 5 Results and Discussion -- 6 Conclusion -- References -- Secure Multiparty Sampling of a Biased Coin for Differential Privacy -- 1 Introduction -- 1.1 Other Background and Related Works. 1.2 Contribution. |
| Record Nr. | UNINA-9910842291903321 |
Katsikas Sokratis
|
||
| Cham : , : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Computer Security. ESORICS 2023 International Workshops : CyberICS, DPM, CBT, and SECPRE, the Hague, the Netherlands, September 25-29, 2023, Revised Selected Papers, Part I
| Computer Security. ESORICS 2023 International Workshops : CyberICS, DPM, CBT, and SECPRE, the Hague, the Netherlands, September 25-29, 2023, Revised Selected Papers, Part I |
| Autore | Katsikas Sokratis |
| Edizione | [1st ed.] |
| Pubbl/distr/stampa | Cham : , : Springer, , 2024 |
| Descrizione fisica | 1 online resource (518 pages) |
| Altri autori (Persone) |
Cuppensédéric
Cuppens-BoulahiaNora LambrinoudakisCostas Garcia-AlfaroJoaquin Navarro-ArribasGuillermo NespoliPantaleone KalloniatisChristos MylopoulosJohn AntónAnnie |
| Collana | Lecture Notes in Computer Science Series |
| ISBN | 3-031-54204-5 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Contents - Part I -- Contents - Part II -- Effects of Organizational Cyber Security Culture Across the Energy Sector Supply Chain -- 1 Introduction -- 2 Related Work -- 2.1 Supply Chain Cyber Security -- 2.2 Cyber Security Culture -- 3 Method -- 3.1 Problem Identification and Literature Review -- 3.2 Data Collection and Analysis -- 3.3 Data Interpretation and Reporting -- 4 Results -- 4.1 Governance -- 4.2 Preparedness and Incident Response -- 4.3 Supply Chain Challenges -- 4.4 Trust -- 4.5 Looking Towards Others and Propagation of Trust -- 4.6 The Impact of Organization Size -- 5 Discussion -- 5.1 Discussion of Main Research Questions -- 5.2 Exploration of Additional Findings -- 6 Conclusion and Future Work -- References -- METRICS: A Methodology for Evaluating and Testing the Resilience of Industrial Control Systems to Cyberattacks -- 1 Introduction -- 2 Cybersecurity Research for ICSs -- 2.1 Testbeds -- 2.2 Datasets -- 2.3 Related Work -- 2.4 Toward a Cross-Domain ICS Evaluation -- 3 METRICS: A Cybersecurity Evaluation Methodology for ICSs -- 3.1 Exchangeable Evaluation Environment -- 3.2 Adversaries and Responses -- 3.3 Cross-Domain Metrics -- 3.4 Evaluation Control -- 4 Use Case: METRICS for Power Grids -- 4.1 Evaluation Phases -- 4.2 Discussion -- 5 Toward Cross-Domain Resilience -- 6 Conclusion -- A Environment Description File Example -- B Scenario Description File Example -- References -- Threat Analysis in Dairy Farming 4.0 -- 1 Introduction -- 2 Related Work -- 3 CPSs of a Dairy Farm 4.0 -- 4 Threat Modeling and Risk Assessment -- 4.1 Methodology -- 4.2 Threats and Risks in the Dairy Farm 4.0 -- 5 Conclusions -- References -- Overview of Social Engineering Protection and Prevention Methods -- 1 Introduction -- 2 Method Selection Methodology -- 3 Analysis -- 3.1 Overview of Protection Method Categories.
3.2 Criteria for Method Evaluation -- 3.3 Evaluation Results -- 3.4 Analysis of Evaluation Results -- 4 Conclusion -- References -- Skade - A Challenge Management System for Cyber Threat Hunting -- 1 Introduction -- 2 Related Work -- 3 Hypotheses Concerning Threat Hunting Training -- 3.1 Ensuring Constructive Alignment -- 3.2 Supporting Motivating Setting -- 3.3 Providing Feedback and Assessment -- 3.4 Covering Multiple Learning Dimensions -- 4 Realization of the Challenge Manager Skade -- 4.1 Features -- 4.2 Functions -- 4.3 Example Based on the Nordic-US Exercise of 2023 -- 5 Discussion -- 5.1 Skade as a Design Science Effort -- 5.2 Trainees and Requirements on Challenges -- 5.3 Interaction with Emulators -- 5.4 Learning Objectives and Learning Activities -- 5.5 Experiment Plan and Tests of Hypotheses -- 6 Conclusion -- References -- On the Usage of NLP on CVE Descriptions for Calculating Risk -- 1 Introduction -- 2 Cybersecurity Related Background -- 2.1 Common Vulnerabilities and Exposures (CVE) -- 2.2 Common Platform Enumeration (CPE) -- 2.3 Common Weakness Enumeration (CWE) -- 2.4 Common Attack Pattern Enumeration and Classification (CAPEC) -- 2.5 National Vulnerability Database (NVD) -- 2.6 Common Vulnerability Scoring System (CVSS) -- 3 Related Work -- 4 Natural Language Processing Background -- 4.1 Text Classification -- 4.2 spaCy -- 5 Implementation -- 6 Conclusion -- References -- Evaluation of an OPC UA-Based Access Control Enforcement Architecture -- 1 Introduction -- 2 Related Work -- 3 Architecture -- 3.1 Protocol Modeling -- 4 Implementation -- 5 Experiment -- 6 Results -- 6.1 Results on Connection Experiments -- 6.2 Results on Access Resource Experiments -- 6.3 Results on Different Token Expiry Times -- 6.4 Result on Different Token Sizes -- 6.5 Results on Lowering the CPU Clock Frequency of the Resource Server. 7 Suggestions on Optimizations of Session Activation -- 8 Discussion -- 8.1 Recommendations -- 8.2 Limitations and Impact -- 9 Conclusions -- References -- HoneyEVSE: An Honeypot to Emulate Electric Vehicle Supply Equipments -- 1 Introduction -- 2 Background -- 2.1 Internet Exchange Point -- 2.2 Honeypot -- 2.3 Vehicle-to-Grid (V2G) -- 3 Related Work -- 4 HoneyEVSE Honeypot -- 4.1 Architecture -- 4.2 Physical Process -- 4.3 Services and Interaction -- 4.4 Data Logging -- 5 Results -- 5.1 Interactions Analysis -- 5.2 Interactions Origin -- 6 Conclusion -- References -- DPM 2023 -- Foreword from the DPM 2023 Program Chairs -- 18th International Workshop on Data Privacy Management - DPM 2023 -- PC Chairs -- Program Committee -- Steering Committee -- Additional Reviewers -- Not Only Security and Privacy: The Evolving Ethical and Legal Challenges of E-Commerce -- 1 Introduction -- 2 Background -- 3 Methodology and Research Strategy -- 3.1 Research Questions -- 4 Results -- 4.1 The `old' Ethical Dilemmas of E-Commerce -- 4.2 The `New' Ethical Dilemmas of E-Commerce -- 5 Conclusions -- References -- Synthetic Is All You Need: Removing the Auxiliary Data Assumption for Membership Inference Attacks Against Synthetic Data -- 1 Introduction -- 2 Background and Related Work -- 2.1 Synthetic Data Generation -- 2.2 Membership Inference Attacks Against Synthetic Tabular Data -- 3 Attack Scenarios -- 3.1 (S0) Auxiliary -- 3.2 (S1) Black Box -- 3.3 (S2) Published -- 3.4 (S3) Upper Bound -- 4 Experimental Setup -- 4.1 Synthetic Data Generators -- 4.2 Real World Datasets -- 4.3 Meta-classifier Methods -- 4.4 Parameters of the Attack -- 5 Results -- 5.1 Query Based Attack -- 5.2 Target Attention Attack -- 5.3 Robustness Analysis for Number of Synthetic Records m -- 6 Future Work -- 6.1 Impact of Releasing Less Synthetic Records. 6.2 Differentially Private Synthetic Generation Methods -- 6.3 Bridging the Gap with the Upper Bound -- 7 Conclusion -- References -- Patient-Centric Health Data Sovereignty: An Approach Using Proxy Re-Encryption -- 1 Introduction -- 2 Proxy Re-Encryption -- 2.1 Syntax and Basic Definitions -- 2.2 Umbral's PRE Scheme -- 3 Related Work -- 4 Patient-Centric Health Data Sovereignty -- 4.1 Proposed Solution -- 4.2 Authentication/Authorisation -- 4.3 Access Delegation Scenario -- 4.4 Break-Glass Approach -- 5 Performance Analysis -- 6 Conclusion -- References -- PrivacySmart: Automatic and Transparent Management of Privacy Policies -- 1 Introduction -- 1.1 Related Work -- 1.2 Contribution and Plan of This Paper -- 2 Proposal Description -- 2.1 System Architecture Overview -- 2.2 User Privacy Preferences -- 2.3 Pop-Up Interaction Module -- 2.4 Consent Smart Contract -- 2.5 Workflow -- 3 Discussion -- 3.1 Implementation -- 3.2 Evaluation -- 4 Conclusions and Future Work -- References -- Try On, Spied On?: Privacy Analysis of Virtual Try-On Websites and Android Apps -- 1 Introduction -- 2 Related Work -- 3 Methodology -- 3.1 Collection of VTO Providers, Websites and Apps -- 3.2 Analyzing the Sharing of Users' Images on VTO Websites/Apps -- 3.3 Analyzing Privacy Policies w.r.t VTO Feature -- 3.4 Measurement of Trackers -- 3.5 Analysing VTO Service Providers -- 4 Results -- 4.1 Sharing of Users' Images on VTO Featuring Websites -- 4.2 Privacy Policy Analysis w.r.t VTO Feature on Websites -- 4.3 Sharing of Users' Images on VTO Featuring Apps -- 4.4 Privacy Policy Analysis w.r.t VTO Feature on Apps -- 4.5 Measurement of Trackers -- 4.6 Analysis of VTO Service Providers -- 5 Conclusion -- References -- Integrally Private Model Selection for Support Vector Machine -- 1 Introduction -- 2 Preliminaries -- 2.1 Support Vector Machine (SVM). 2.2 Model Comparison Attack for SVM and Integral Privacy -- 3 Methodology -- 3.1 Overview -- 3.2 Datasets -- 3.3 Creation of Partitions -- 3.4 Integrally Private SVM (IPSVM) -- 4 Results -- 4.1 Drawbacks -- 5 Conclusion and Future Work -- References -- Differentially Private Traffic Flow Prediction Using Transformers: A Federated Approach -- 1 Introduction -- 2 Preliminaries -- 2.1 Federated Learning -- 2.2 Differential Privacy -- 2.3 Temporal Fusion Transformers -- 3 Related Work -- 4 Differentially Private Federated Traffic Flow Prediction Using Temporal Fusion Transformers -- 4.1 Client-Side Training -- 4.2 Model Perturbation -- 4.3 Aggregation Algorithm -- 5 Dataset and Experimental Settings -- 6 Results and Analysis -- 7 Conclusion and Future Works -- References -- Analyzing Continuous Ks-Anonymization for Smart Meter Data -- 1 Introduction -- 2 Problem Statement and Related Work -- 3 ks-Anonymity and CASTLE -- 4 Evaluation -- 5 Conclusion -- References -- Towards Real-World Private Computations with Homomorphic Encryption: Current Solutions and Open Challenges -- 1 Introduction -- 2 Industrial Context -- 3 Background -- 4 Available Libraries -- 4.1 HElib -- 4.2 SEAL -- 4.3 PALISADE -- 4.4 OpenFHE -- 4.5 TFHE -- 4.6 Concrete -- 4.7 LATTIGO -- 5 Towards Real-World HE Applications: HELT -- 6 Related Work -- 7 Conclusion -- References -- AddShare: A Privacy-Preserving Approach for Federated Learning -- 1 Introduction -- 2 Background and Related Work -- 2.1 Federated Learning Attacks -- 2.2 Privacy in Federated Learning -- 3 The AddShare Approach -- 3.1 Threat Models -- 3.2 AddShare Algorithm -- 3.3 Implemented AddShare Variants -- 4 Empirical Evaluation -- 5 Results and Discussion -- 6 Conclusion -- References -- Secure Multiparty Sampling of a Biased Coin for Differential Privacy -- 1 Introduction -- 1.1 Other Background and Related Works. 1.2 Contribution. |
| Record Nr. | UNISA-996587860003316 |
|
Katsikas Sokratis
|
||
| Cham : , : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Computer Security. ESORICS 2023 International Workshops [[electronic resource] ] : CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II / / edited by Sokratis Katsikas, Habtamu Abie, Silvio Ranise, Luca Verderame, Enrico Cambiaso, Rita Ugarelli, Isabel Praça, Wenjuan Li, Weizhi Meng, Steven Furnell, Basel Katt, Sandeep Pirbhulal, Ankur Shukla, Michele Ianni, Mila Dalla Preda, Kim-Kwang Raymond Choo, Miguel Pupo Correia, Abhishta Abhishta, Giovanni Sileno, Mina Alishahi, Harsha Kalutarage, Naoto Yanai
| Computer Security. ESORICS 2023 International Workshops [[electronic resource] ] : CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II / / edited by Sokratis Katsikas, Habtamu Abie, Silvio Ranise, Luca Verderame, Enrico Cambiaso, Rita Ugarelli, Isabel Praça, Wenjuan Li, Weizhi Meng, Steven Furnell, Basel Katt, Sandeep Pirbhulal, Ankur Shukla, Michele Ianni, Mila Dalla Preda, Kim-Kwang Raymond Choo, Miguel Pupo Correia, Abhishta Abhishta, Giovanni Sileno, Mina Alishahi, Harsha Kalutarage, Naoto Yanai |
| Autore | Katsikas Sokratis |
| Edizione | [1st ed. 2024.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 |
| Descrizione fisica | 1 online resource (785 pages) |
| Disciplina | 005.8 |
| Altri autori (Persone) |
AbieHabtamu
RaniseSilvio VerderameLuca CambiasoEnrico UgarelliRita PraçaIsabel LiWenjuan MengWeizhi FurnellSteven |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer networks - Security measures
Cryptography Data encryption (Computer science) Computers Computer engineering Computer networks Data protection Mobile and Network Security Cryptology Computing Milieux Computer Engineering and Networks Data and Information Security Computer Communication Networks |
| ISBN | 3-031-54129-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Contents - Part II -- Contents - Part I -- CPS4CIP 2023 -- CPS4CIP 2023 Preface -- Organization -- General Chairs -- Program Committee Chairs -- Program Committee -- External Reviewer -- An Opportunity-Based Approach to Information Security Risk -- 1 Introduction -- 2 Related Research -- 2.1 Risk Management -- 2.2 Research Questions -- 3 Research Method -- 4 Results -- 4.1 Definition of Risk -- 4.2 Risk Description -- 4.3 Sample Case - Use of Risk Description Strategies -- 4.4 Positive Risk Assessment -- 5 Summary and Conclusion -- References -- A Methodology for Cybersecurity Risk Assessment in Supply Chains -- 1 Introduction -- 2 Related Work -- 3 Security Risk Assessment Methodology -- 3.1 Asset Types -- 3.2 Threat Types -- 3.3 Vulnerability Types -- 3.4 Supply Chain Risk Assessment -- 3.5 Questionnaire -- 4 Preliminary Validation of the Methodology -- 4.1 Security Experts -- 4.2 Fictional Scenario -- 4.3 Result Discussion -- 5 Conclusion -- References -- IM-DISCO: Invariant Mining for Detecting IntrusionS in Critical Operations -- 1 Introduction -- 2 Related Work -- 3 IM-DISCO -- 3.1 Formalization of Concepts -- 3.2 Railway Example -- 3.3 Predicate Generation -- 3.4 Invariant Rule Mining -- 3.5 Summary -- 4 Implementation -- 5 Evaluation -- 5.1 Data Collection and Experiment Setup -- 5.2 Evaluation Metrics -- 5.3 Operational Mode Inference (RQ. 1) -- 5.4 Anomaly Detection (RQ. 2) -- 5.5 Invariant Rules Verification and Validation (RQ. 3) -- 6 Conclusion -- References -- Unravelling Network-Based Intrusion Detection: A Neutrosophic Rule Mining and Optimization Framework -- 1 Introduction -- 2 State-of-The-Art -- 2.1 Accuracy vs Explainability Dichotomy -- 2.2 Classification Rule Mining -- 2.3 Rule Uncertainty -- 3 RUGE Framework -- 3.1 Phase 1: Rule Mining -- 3.2 Phase 2: Rules Selection.
4 Intrusion Detection Case Study: A CICIDS2017 Testbed -- 4.1 Dataset and Data Preprocessing -- 4.2 Scenario and Configuration -- 4.3 Results and Discussion -- 5 Conclusions -- References -- Labeling NIDS Rules with MITRE ATT& -- CK Techniques Using ChatGPT -- 1 Introduction -- 2 Background -- 2.1 Cyber Threat Intelligence -- 2.2 Generative Pre-trained Transformers -- 3 Related Work on Language Models for CTI Labeling -- 3.1 Non-networking-based CTI Labeling -- 3.2 Networking-Based CTI Labeling -- 4 Labeling NIDS Rules with MITRE ATT& -- CK Techniques -- 4.1 GPT-Based Labeling -- 4.2 Keyword-Based Labeling (KB) -- 4.3 Post-processing -- 5 Evaluation -- 5.1 Evaluation Set -- 5.2 Performance Metrics -- 5.3 Experimental Setup -- 5.4 Results -- 5.5 Discussion -- 6 Conclusions and Future Work -- A Appendix: Chat-GPT Prompt Templates -- References -- User Behavior Analysis for Malware Detection -- 1 Introduction -- 2 Related Work -- 3 Architecture -- 3.1 Enduser Host -- 3.2 Smart Behavior Analysis (SBA) -- 3.3 Metrics -- 4 Machine Learning Model -- 4.1 Autoencoder Model -- 4.2 Kernel Density Estimation Model -- 5 Model Accuracy and Validation -- 5.1 Training Data -- 5.2 Test Data -- 5.3 Metric Relevancy -- 5.4 Models' Comparison -- 5.5 False Positive Reduction -- 6 Conclusion -- References -- Balancing XAI with Privacy and Security Considerations -- 1 Introduction -- 2 Background -- 2.1 XAI Taxonomy Classes -- 2.2 Evaluation Criteria and Methods -- 3 Findings -- 3.1 Privacy Attacks -- 3.2 Privacy Defences -- 3.3 Security Aspects -- 4 Conclusions -- References -- Utilizing the Ensemble Learning and XAI for Performance Improvements in IoT Network Attack Detection -- 1 Introduction -- 2 Related work -- 3 Methodology -- 3.1 Overview of Approach -- 3.2 Dataset Refinement with XAI -- 3.3 Attack Detection -- 3.4 Attack Identification. 4 Results and Evaluation -- 4.1 Dataset and Experimental Environment -- 4.2 Performance Metrics -- 4.3 Experimental Evaluation on CIC-IDS Dataset -- 5 Conclusions -- References -- Digital Twins in Healthcare: Security, Privacy, Trust and Safety Challenges*-10pt -- 1 Introduction -- 2 Challenges of Digital Twins -- 2.1 Security -- 2.2 Privacy -- 2.3 Trust -- 2.4 Safety -- 3 Digital Twins in Healthcare -- 3.1 Ethical Concerns of Digital Twins in Healthcare -- 3.2 Threat Landscape in Healthcare -- 4 IoT Digital Twins: Challenges and Conflict Analysis -- 4.1 Security vs. Safety -- 4.2 Security vs. Privacy -- 4.3 Security vs. Operational Requirements -- 4.4 Security vs. Trust -- 5 Summary and Conclusion -- References -- ADIoT 2023 -- ADIoT 2023 Preface -- Organization -- General Co-chair -- Program Co-chairs -- Local Chairs -- Technical Program Committee -- Steering Committee -- Subreviewer -- C-TAR: A Compositional Threat Analysis and Risk Assessment Method for Infrastructure-Based Autonomous Driving -- 1 Introduction -- 2 Preliminaries -- 3 Related Work -- 3.1 Threat Modeling -- 3.2 Risk Assessment -- 3.3 Digital Dependability Identities -- 3.4 Automotive Security Surveys -- 3.5 Insights from Literature Review -- 4 C-TAR Method Description -- 4.1 First Phase - C-TAR Input -- 4.2 Second Phase - Compatibility Conditions -- 4.3 Third Phase - Compatibility Statement -- 5 Example -- 5.1 First Phase - C-TAR Input -- 5.2 Second Phase - Compatibility Conditions -- 5.3 Third Phase - Compatibility Statement -- 6 Conclusion -- References -- The VOCODES Kill Chain for Voice Controllable Devices -- 1 Introduction -- 2 Related Work -- 3 The VOCODES Kill Chain -- 3.1 Steps -- 3.2 Discussion -- 4 Applying VOCODES to Alexa vs Alexa -- 4.1 Reconnaissance -- 4.2 Audio Weaponization -- 4.3 Initial Foothold -- 4.4 Exploitation -- 4.5 Persistence -- 4.6 Actions on Objectives. 5 Conclusions -- References -- DETONAR-Light: An IoT Network Intrusion Detection Using DETONAR without a Sniffer Network -- 1 Introduction -- 2 Background on RPL and DETONAR -- 2.1 RPL -- 2.2 DETONAR -- 2.3 RADAR -- 3 DETONAR-Light Design -- 3.1 Running DETONAR Using Data Collected at a Border Router -- 3.2 DETONAR Adaptation to Contiki-NG and Cooja -- 4 Experiments -- 4.1 Attack Implementation in Contiki-NG -- 4.2 Setup -- 4.3 Metrics -- 5 Results -- 5.1 Attack Detection and Classification for Networks Without Packet Loss -- 5.2 Attack Detection and Classification for Networks with Packet Loss -- 6 Discussion and Limitations -- 7 Conclusions -- References -- Firmware-Based DoS Attacks in Wireless Sensor Network -- 1 Introduction -- 2 Background -- 3 Threat Scenario -- 3.1 Assumption -- 3.2 Vulnerable Code -- 4 Attack Simulation -- 5 Defensive Mechanism -- 6 Related Work -- 7 Conclusion -- Appendix -- References -- Single-Server Batch Delegation of Variable-Input Pairings with Unbounded Client Lifetime -- 1 Introduction -- 2 Pairing Definitions -- 3 Our Batch Delegation Protocols -- 3.1 Input Scenario: "017E A Private Online, "017E B Public Online -- 3.2 Input Scenario: "017E A and "017E B Public Online -- 3.3 Input Scenario: "017E A Private Online and "017E B Public Offline -- 3.4 Input Scenario: "017E A Public Online, "017E B Public Offline -- 3.5 Input Scenario: "017E A and "017E B="017E sH Private Online -- 4 Practical Performance Analysis of Our Protocols -- 5 Conclusions -- A Formal Definitions -- References -- SigIL: A Signature-Based Approach of Malware Detection on Intermediate Language -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Implementation -- 5 Example -- 6 Conclusion and Future Work -- References -- SecAssure 2023 -- SecAssure 2023 Preface -- Organization -- General Chairs -- Program Committee Chairs -- Program Committee. Additional Reviewers -- Toward Next-Generation Cyber Range: A Comparative Study of Training Platforms -- 1 Introduction -- 2 Comparison Criteria -- 2.1 Application Domains -- 2.2 Team Formation -- 2.3 Methods of Experimentation -- 2.4 Infrastructure Technologies -- 2.5 Front-End Technologies -- 2.6 Scenario -- 2.7 Topology Generation -- 2.8 Accessibility -- 2.9 Traffic -- 2.10 User Modeling -- 2.11 Data Collection and Analysis -- 2.12 Scoring and Reporting -- 2.13 Ownership and License -- 3 Comparison of Cyber Ranges Solutions -- 3.1 Analysis -- 3.2 Overall Comparison -- 4 Scenario and Topology Generation -- 4.1 SecGen -- 4.2 CyExec* -- 5 Discussion and Open Challenges -- 6 Conclusion -- References -- Forkfuzz: Leveraging the Fork-Awareness in Coverage-Guided Fuzzing -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Motivational Scenario -- 5 Forkfuzz -- 5.1 Setup Step -- 5.2 Execution Step -- 5.3 Termination Step -- 6 Evaluation -- 6.1 Dining Philosophers Problem -- 6.2 Producer-Consumer Problem -- 6.3 Web Server -- 6.4 Performance -- 7 Discussion -- 7.1 Limitations -- 7.2 Aggregated Coverage -- 7.3 Areas of Improvement -- 8 Concluding Remarks -- References -- Trust Assumptions in Voting Systems -- 1 Introduction -- 2 Paper-Based Voting in a Polling Station -- 2.1 Regular Paper Voting -- 2.2 Paper Voting with Cryptographic Receipts -- 3 Postal Voting -- 3.1 Regular Postal Voting -- 3.2 Postal Voting with Cryptographic Receipts -- 4 Voting via Voting Machines -- 4.1 Voting Machines Used in Bulgaria -- 5 Internet Voting -- 5.1 Estonian IVXV -- 6 Discussion and Conclusions -- 6.1 Overview of the Trust Assumptions -- 6.2 Comparative Analysis of the Trust Assumptions -- References -- Introducing Distributed Ledger Security into System Specifications with the Isabelle RR-Cycle -- 1 Introduction -- 2 Summary of RR-Cycle and Case Study. 3 IoT Model in IIIf, Attack Trees Analysis and Refinement to Distributed Ledger. |
| Record Nr. | UNINA-9910842491003321 |
|
Katsikas Sokratis
|
||
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||
Computer Security. ESORICS 2023 International Workshops [[electronic resource] ] : CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II / / edited by Sokratis Katsikas, Habtamu Abie, Silvio Ranise, Luca Verderame, Enrico Cambiaso, Rita Ugarelli, Isabel Praça, Wenjuan Li, Weizhi Meng, Steven Furnell, Basel Katt, Sandeep Pirbhulal, Ankur Shukla, Michele Ianni, Mila Dalla Preda, Kim-Kwang Raymond Choo, Miguel Pupo Correia, Abhishta Abhishta, Giovanni Sileno, Mina Alishahi, Harsha Kalutarage, Naoto Yanai
| Computer Security. ESORICS 2023 International Workshops [[electronic resource] ] : CPS4CIP, ADIoT, SecAssure, WASP, TAURIN, PriST-AI, and SECAI, The Hague, The Netherlands, September 25–29, 2023, Revised Selected Papers, Part II / / edited by Sokratis Katsikas, Habtamu Abie, Silvio Ranise, Luca Verderame, Enrico Cambiaso, Rita Ugarelli, Isabel Praça, Wenjuan Li, Weizhi Meng, Steven Furnell, Basel Katt, Sandeep Pirbhulal, Ankur Shukla, Michele Ianni, Mila Dalla Preda, Kim-Kwang Raymond Choo, Miguel Pupo Correia, Abhishta Abhishta, Giovanni Sileno, Mina Alishahi, Harsha Kalutarage, Naoto Yanai |
| Autore | Katsikas Sokratis |
| Edizione | [1st ed. 2024.] |
| Pubbl/distr/stampa | Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 |
| Descrizione fisica | 1 online resource (785 pages) |
| Disciplina | 005.8 |
| Altri autori (Persone) |
AbieHabtamu
RaniseSilvio VerderameLuca CambiasoEnrico UgarelliRita PraçaIsabel LiWenjuan MengWeizhi FurnellSteven |
| Collana | Lecture Notes in Computer Science |
| Soggetto topico |
Computer networks - Security measures
Cryptography Data encryption (Computer science) Computers Computer engineering Computer networks Data protection Mobile and Network Security Cryptology Computing Milieux Computer Engineering and Networks Data and Information Security Computer Communication Networks |
| ISBN | 3-031-54129-4 |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Nota di contenuto |
Intro -- Preface -- Contents - Part II -- Contents - Part I -- CPS4CIP 2023 -- CPS4CIP 2023 Preface -- Organization -- General Chairs -- Program Committee Chairs -- Program Committee -- External Reviewer -- An Opportunity-Based Approach to Information Security Risk -- 1 Introduction -- 2 Related Research -- 2.1 Risk Management -- 2.2 Research Questions -- 3 Research Method -- 4 Results -- 4.1 Definition of Risk -- 4.2 Risk Description -- 4.3 Sample Case - Use of Risk Description Strategies -- 4.4 Positive Risk Assessment -- 5 Summary and Conclusion -- References -- A Methodology for Cybersecurity Risk Assessment in Supply Chains -- 1 Introduction -- 2 Related Work -- 3 Security Risk Assessment Methodology -- 3.1 Asset Types -- 3.2 Threat Types -- 3.3 Vulnerability Types -- 3.4 Supply Chain Risk Assessment -- 3.5 Questionnaire -- 4 Preliminary Validation of the Methodology -- 4.1 Security Experts -- 4.2 Fictional Scenario -- 4.3 Result Discussion -- 5 Conclusion -- References -- IM-DISCO: Invariant Mining for Detecting IntrusionS in Critical Operations -- 1 Introduction -- 2 Related Work -- 3 IM-DISCO -- 3.1 Formalization of Concepts -- 3.2 Railway Example -- 3.3 Predicate Generation -- 3.4 Invariant Rule Mining -- 3.5 Summary -- 4 Implementation -- 5 Evaluation -- 5.1 Data Collection and Experiment Setup -- 5.2 Evaluation Metrics -- 5.3 Operational Mode Inference (RQ. 1) -- 5.4 Anomaly Detection (RQ. 2) -- 5.5 Invariant Rules Verification and Validation (RQ. 3) -- 6 Conclusion -- References -- Unravelling Network-Based Intrusion Detection: A Neutrosophic Rule Mining and Optimization Framework -- 1 Introduction -- 2 State-of-The-Art -- 2.1 Accuracy vs Explainability Dichotomy -- 2.2 Classification Rule Mining -- 2.3 Rule Uncertainty -- 3 RUGE Framework -- 3.1 Phase 1: Rule Mining -- 3.2 Phase 2: Rules Selection.
4 Intrusion Detection Case Study: A CICIDS2017 Testbed -- 4.1 Dataset and Data Preprocessing -- 4.2 Scenario and Configuration -- 4.3 Results and Discussion -- 5 Conclusions -- References -- Labeling NIDS Rules with MITRE ATT& -- CK Techniques Using ChatGPT -- 1 Introduction -- 2 Background -- 2.1 Cyber Threat Intelligence -- 2.2 Generative Pre-trained Transformers -- 3 Related Work on Language Models for CTI Labeling -- 3.1 Non-networking-based CTI Labeling -- 3.2 Networking-Based CTI Labeling -- 4 Labeling NIDS Rules with MITRE ATT& -- CK Techniques -- 4.1 GPT-Based Labeling -- 4.2 Keyword-Based Labeling (KB) -- 4.3 Post-processing -- 5 Evaluation -- 5.1 Evaluation Set -- 5.2 Performance Metrics -- 5.3 Experimental Setup -- 5.4 Results -- 5.5 Discussion -- 6 Conclusions and Future Work -- A Appendix: Chat-GPT Prompt Templates -- References -- User Behavior Analysis for Malware Detection -- 1 Introduction -- 2 Related Work -- 3 Architecture -- 3.1 Enduser Host -- 3.2 Smart Behavior Analysis (SBA) -- 3.3 Metrics -- 4 Machine Learning Model -- 4.1 Autoencoder Model -- 4.2 Kernel Density Estimation Model -- 5 Model Accuracy and Validation -- 5.1 Training Data -- 5.2 Test Data -- 5.3 Metric Relevancy -- 5.4 Models' Comparison -- 5.5 False Positive Reduction -- 6 Conclusion -- References -- Balancing XAI with Privacy and Security Considerations -- 1 Introduction -- 2 Background -- 2.1 XAI Taxonomy Classes -- 2.2 Evaluation Criteria and Methods -- 3 Findings -- 3.1 Privacy Attacks -- 3.2 Privacy Defences -- 3.3 Security Aspects -- 4 Conclusions -- References -- Utilizing the Ensemble Learning and XAI for Performance Improvements in IoT Network Attack Detection -- 1 Introduction -- 2 Related work -- 3 Methodology -- 3.1 Overview of Approach -- 3.2 Dataset Refinement with XAI -- 3.3 Attack Detection -- 3.4 Attack Identification. 4 Results and Evaluation -- 4.1 Dataset and Experimental Environment -- 4.2 Performance Metrics -- 4.3 Experimental Evaluation on CIC-IDS Dataset -- 5 Conclusions -- References -- Digital Twins in Healthcare: Security, Privacy, Trust and Safety Challenges*-10pt -- 1 Introduction -- 2 Challenges of Digital Twins -- 2.1 Security -- 2.2 Privacy -- 2.3 Trust -- 2.4 Safety -- 3 Digital Twins in Healthcare -- 3.1 Ethical Concerns of Digital Twins in Healthcare -- 3.2 Threat Landscape in Healthcare -- 4 IoT Digital Twins: Challenges and Conflict Analysis -- 4.1 Security vs. Safety -- 4.2 Security vs. Privacy -- 4.3 Security vs. Operational Requirements -- 4.4 Security vs. Trust -- 5 Summary and Conclusion -- References -- ADIoT 2023 -- ADIoT 2023 Preface -- Organization -- General Co-chair -- Program Co-chairs -- Local Chairs -- Technical Program Committee -- Steering Committee -- Subreviewer -- C-TAR: A Compositional Threat Analysis and Risk Assessment Method for Infrastructure-Based Autonomous Driving -- 1 Introduction -- 2 Preliminaries -- 3 Related Work -- 3.1 Threat Modeling -- 3.2 Risk Assessment -- 3.3 Digital Dependability Identities -- 3.4 Automotive Security Surveys -- 3.5 Insights from Literature Review -- 4 C-TAR Method Description -- 4.1 First Phase - C-TAR Input -- 4.2 Second Phase - Compatibility Conditions -- 4.3 Third Phase - Compatibility Statement -- 5 Example -- 5.1 First Phase - C-TAR Input -- 5.2 Second Phase - Compatibility Conditions -- 5.3 Third Phase - Compatibility Statement -- 6 Conclusion -- References -- The VOCODES Kill Chain for Voice Controllable Devices -- 1 Introduction -- 2 Related Work -- 3 The VOCODES Kill Chain -- 3.1 Steps -- 3.2 Discussion -- 4 Applying VOCODES to Alexa vs Alexa -- 4.1 Reconnaissance -- 4.2 Audio Weaponization -- 4.3 Initial Foothold -- 4.4 Exploitation -- 4.5 Persistence -- 4.6 Actions on Objectives. 5 Conclusions -- References -- DETONAR-Light: An IoT Network Intrusion Detection Using DETONAR without a Sniffer Network -- 1 Introduction -- 2 Background on RPL and DETONAR -- 2.1 RPL -- 2.2 DETONAR -- 2.3 RADAR -- 3 DETONAR-Light Design -- 3.1 Running DETONAR Using Data Collected at a Border Router -- 3.2 DETONAR Adaptation to Contiki-NG and Cooja -- 4 Experiments -- 4.1 Attack Implementation in Contiki-NG -- 4.2 Setup -- 4.3 Metrics -- 5 Results -- 5.1 Attack Detection and Classification for Networks Without Packet Loss -- 5.2 Attack Detection and Classification for Networks with Packet Loss -- 6 Discussion and Limitations -- 7 Conclusions -- References -- Firmware-Based DoS Attacks in Wireless Sensor Network -- 1 Introduction -- 2 Background -- 3 Threat Scenario -- 3.1 Assumption -- 3.2 Vulnerable Code -- 4 Attack Simulation -- 5 Defensive Mechanism -- 6 Related Work -- 7 Conclusion -- Appendix -- References -- Single-Server Batch Delegation of Variable-Input Pairings with Unbounded Client Lifetime -- 1 Introduction -- 2 Pairing Definitions -- 3 Our Batch Delegation Protocols -- 3.1 Input Scenario: "017E A Private Online, "017E B Public Online -- 3.2 Input Scenario: "017E A and "017E B Public Online -- 3.3 Input Scenario: "017E A Private Online and "017E B Public Offline -- 3.4 Input Scenario: "017E A Public Online, "017E B Public Offline -- 3.5 Input Scenario: "017E A and "017E B="017E sH Private Online -- 4 Practical Performance Analysis of Our Protocols -- 5 Conclusions -- A Formal Definitions -- References -- SigIL: A Signature-Based Approach of Malware Detection on Intermediate Language -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Implementation -- 5 Example -- 6 Conclusion and Future Work -- References -- SecAssure 2023 -- SecAssure 2023 Preface -- Organization -- General Chairs -- Program Committee Chairs -- Program Committee. Additional Reviewers -- Toward Next-Generation Cyber Range: A Comparative Study of Training Platforms -- 1 Introduction -- 2 Comparison Criteria -- 2.1 Application Domains -- 2.2 Team Formation -- 2.3 Methods of Experimentation -- 2.4 Infrastructure Technologies -- 2.5 Front-End Technologies -- 2.6 Scenario -- 2.7 Topology Generation -- 2.8 Accessibility -- 2.9 Traffic -- 2.10 User Modeling -- 2.11 Data Collection and Analysis -- 2.12 Scoring and Reporting -- 2.13 Ownership and License -- 3 Comparison of Cyber Ranges Solutions -- 3.1 Analysis -- 3.2 Overall Comparison -- 4 Scenario and Topology Generation -- 4.1 SecGen -- 4.2 CyExec* -- 5 Discussion and Open Challenges -- 6 Conclusion -- References -- Forkfuzz: Leveraging the Fork-Awareness in Coverage-Guided Fuzzing -- 1 Introduction -- 2 Background -- 3 Related Work -- 4 Motivational Scenario -- 5 Forkfuzz -- 5.1 Setup Step -- 5.2 Execution Step -- 5.3 Termination Step -- 6 Evaluation -- 6.1 Dining Philosophers Problem -- 6.2 Producer-Consumer Problem -- 6.3 Web Server -- 6.4 Performance -- 7 Discussion -- 7.1 Limitations -- 7.2 Aggregated Coverage -- 7.3 Areas of Improvement -- 8 Concluding Remarks -- References -- Trust Assumptions in Voting Systems -- 1 Introduction -- 2 Paper-Based Voting in a Polling Station -- 2.1 Regular Paper Voting -- 2.2 Paper Voting with Cryptographic Receipts -- 3 Postal Voting -- 3.1 Regular Postal Voting -- 3.2 Postal Voting with Cryptographic Receipts -- 4 Voting via Voting Machines -- 4.1 Voting Machines Used in Bulgaria -- 5 Internet Voting -- 5.1 Estonian IVXV -- 6 Discussion and Conclusions -- 6.1 Overview of the Trust Assumptions -- 6.2 Comparative Analysis of the Trust Assumptions -- References -- Introducing Distributed Ledger Security into System Specifications with the Isabelle RR-Cycle -- 1 Introduction -- 2 Summary of RR-Cycle and Case Study. 3 IoT Model in IIIf, Attack Trees Analysis and Refinement to Distributed Ledger. |
| Record Nr. | UNISA-996589546603316 |
|
Katsikas Sokratis
|
||
| Cham : , : Springer Nature Switzerland : , : Imprint : Springer, , 2024 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. di Salerno | ||
| ||
Proceedings of the 6th ACM on Cyber-Physical System Security Workshop / / Sokratis Katsikas
| Proceedings of the 6th ACM on Cyber-Physical System Security Workshop / / Sokratis Katsikas |
| Autore | Katsikas Sokratis |
| Pubbl/distr/stampa | New York : , : Association for Computing Machinery, , 2020 |
| Descrizione fisica | 1 online resource (72 pages) |
| Disciplina | 004 |
| Collana | ACM Conferences |
| Soggetto topico | Computer science |
| Formato | Materiale a stampa |
| Livello bibliografico | Monografia |
| Lingua di pubblicazione | eng |
| Record Nr. | UNINA-9910510469103321 |
|
Katsikas Sokratis
|
||
| New York : , : Association for Computing Machinery, , 2020 | ||
| Materiale a stampa | ||
| Lo trovi qui: Univ. Federico II | ||
| ||