Filters








52 Hits in 7.8 sec

CIS: The Crypto Intelligence System for automatic detection and localization of cryptographic functions in current malware

Felix Matenaar, Andre Wichmann, Felix Leder, Elmar Gerhards-Padilla
2012 2012 7th International Conference on Malicious and Unwanted Software  
In this paper, we present the architecture of CIS, the Crypto Intelligence System, that fulfills the requirements for such a framework.  ...  The overall evaluation, using real programs, shows that CIS simplifies the job of an analysts significantly with a high detection and low false positive ratio.  ...  Design In the following, the architecture of the Crypto Intelligence System (CIS) is described.  ... 
doi:10.1109/malware.2012.6461007 dblp:conf/malware/MatenaarWLG12 fatcat:vjokrqozqnd3bfynkf2szom6ba

Alterdroid: Differential Fault Analysis of Obfuscated Smartphone Malware

Guillermo Suarez-Tangil, Juan Tapiador, Flavio Lombardi, Roberto Di Pietro
2015 IEEE Transactions on Mobile Computing  
The key idea in ALTERDROID consists of analyzing the behavioral differences between the original app and a number of automatically generated versions of it, where a number of modifications (faults) have  ...  In this paper, we describe ALTERDROID, a dynamic analysis approach for detecting such hidden or obfuscated malware components distributed as parts of an app package.  ...  This work was partially supported by the MINECO grant TIN2013-46469-R (SPINY: Security and Privacy in the Internet of You) and the CAM Grant S2013/ICE-3095 (CIBERDINE: Cybersecurity, Big Data, and Risks  ... 
doi:10.1109/tmc.2015.2444847 fatcat:7sfslmsnevfolnheoiwujwe35a

HelDroid: Dissecting and Detecting Mobile Ransomware [chapter]

Nicoló Andronio, Stefano Zanero, Federico Maggi
2015 Lecture Notes in Computer Science  
Even state-of-the-art mobile malware detection approaches are ineffective against ransomware apps because of the subtle attack scheme.  ...  On a large dataset comprising hundreds of thousands of APKs including goodware, malware, scareware, and ransomware, Hel-Droid exhibited nearly zero false positives and the capability of recognizing unknown  ...  We are thankful to the anonymous reviewers and our shepherd, Patrick Traynor, for the insightful comments, Steven Arzt, who helped us improving FlowDroid to track flows across threads, and Daniel Arp from  ... 
doi:10.1007/978-3-319-26362-5_18 fatcat:jsiezhjh2neyfitcoqoqeccavm

A Revised Attack Taxonomy for a New Generation of Smart Attacks

Robert Koch, Mario Golling, Gabi Dreo Rodosek
2014 Computer and Information Science  
Since these Smart Attacks are specifically designed to permeate state of the art technologies, current systems like Intrusion Detection Systems (IDSs) are failing to guarantee an adequate protection.  ...  Thereafter, individual facets of Smart Attacks are presented in more detail, before recent examples are illustrated and classified using these dimensions.  ...  Acknowledgements This work was partly funded by Flamingo, a Network of Excellence project (ICT-318488) supported by the European Commission under its Seventh Framework Programme.  ... 
doi:10.5539/cis.v7n3p18 fatcat:xwux5bn4izgapfq2arq5b42h64

Zero Trust Architecture (ZTA): A Comprehensive Survey

Naeem Firdous Syed, Syed W. Shah, Arash Shaghaghi, Adnan Anwar, Zubair Baig, Robin Doss
2022 IEEE Access  
We describe the role of authentication and access control in Zero Trust Architectures (ZTA) and present an in-depth discussion of state-of-the-art techniques for authentication and access control in different  ...  The article employs a descriptive approach to present the fundamental tenets of ZT and provides a review of numerous potential options available for successful realization of this paradigm.  ...  for trust calculation in CI.  ... 
doi:10.1109/access.2022.3174679 fatcat:w7c27guoqzfdffhjnpgerlnnse

PenQuest: a gamified attacker/defender meta model for cyber security assessment and education

Robert Luh, Marlies Temper, Simon Tjoa, Sebastian Schrittwieser, Helge Janicke
2019 Journal in Computer Virology and Hacking Techniques  
In this article, we introduce PenQuest, a meta model designed to present a complete view on information system attacks and their mitigation while providing a tool for both semantic data enrichment and  ...  Attacks on IT systems are a rising threat against the confidentiality, integrity, and availability of critical information and infrastructures.  ...  The financial support by the Austrian Federal Ministry for Digital and Economic Affairs and the National Foundation for Research, Technology and Development is gratefully acknowledged.  ... 
doi:10.1007/s11416-019-00342-x fatcat:yvkqc7ut4bdm5pskgeh5lyk7qi

Towards Measuring Supply Chain Attacks on Package Managers for Interpreted Languages [article]

Ruian Duan, Omar Alrawi, Ranjita Pai Kasturi, Ryan Elder, Brendan Saltaformaggio, Wenke Lee
2020 arXiv   pre-print
We outline the challenges of tailoring program analysis tools to interpreted languages and release our pipeline as a reference point for the community to build on and help in securing the software supply  ...  To understand the security gaps and the misplaced trust that make recent supply chain attacks possible, we propose a comparative framework to qualitatively assess the functional and security features of  ...  Any opinions, findings, and conclusions in this paper are those of the authors and do not necessarily reflect the views of our sponsors or collaborators.  ... 
arXiv:2002.01139v2 fatcat:n3k62ggdorag5ep5isqznct3z4

Brain leaks and consumer neurotechnology

Marcello Ienca, Pim Haselager, Ezekiel J Emanuel
2018 Nature Biotechnology  
Take Boleto, a payment system used in Brazil for example. Boleto may be considered a niche, very local system, and yet in 2015, three malware families emerged specifically targeting it.  ...  Led by the Center for Internet Security (CIS), the CIS Critical Security Controls ("the Controls") have been matured by an international community of individuals and institutions, and were updated in 2015  ...  Operating one of the world's largest cyber intelligence networks, we see more threats, and protect more customers from the next generation of attacks.  ... 
doi:10.1038/nbt.4240 pmid:30188521 fatcat:dwoyvyborfdifdkklju3p3qek4

Consumer, Commercial and Industrial IoT (In)Security: Attack Taxonomy and Case Studies

Christos Xenofontos, Ioannis Zografopoulos, Charalambos Konstantinou, Alireza Jolfaei, Muhammad Khurram Khan, Kim-Kwang Raymond Choo
2021 IEEE Internet of Things Journal  
A 2020 study conducted by Nokia's threat intelligence labs, for example, indicated that IoT devices account for almost 30% of the attacks encountered in mobile and wireless networks (e.g., WiFi, Bluetooth  ...  Internet of Things (IoT) devices are becoming ubiquitous in our lives, with applications spanning from the consumer domain to commercial and industrial systems.  ...  The security analysis in [63] reveals references to many insecure code functions on the Crew Information System -Maintenance System (CIS/MS) module such as strcpy, sprintf, and strcat, which can potentially  ... 
doi:10.1109/jiot.2021.3079916 fatcat:rfmkc6wrk5co3i7bl44ar432bi

D2.1 5G Security: Current Status and Future Trends

Grant Millar, Anastasios Kafchitsas, Orestis Mavrooulos, Anastasios Kourtis, George Xilouris, Maria Christopoulou, Stavros Kolometsos, Edgardo Montes De Oca, Huu Nghia Nguyen, Antonio Pastor, Sonia Fernandez, Diego Lopez (+18 others)
2020 Zenodo  
cases, and the elicitation of security requirements from relevant stakeholders in 5G; the current status of 5G networks, the solutions state for securing 5G systems, the standardization effort in the  ...  This Deliverable presents the current security landscape of 5G networks, as well as the evolution of requirements and trends in 5G security.  ...  In the health area, 5G-HEART will validate pill cameras for automatic detection in screening of colon cancer and vital-sign patches with advanced geo-localization as well as 5G AR/VR paramedic services  ... 
doi:10.5281/zenodo.3947893 fatcat:bg7jnn5ph5fv3gjp7pqacy3us4

Development of a concept for building a critical infrastructure facilities security system

Serhii Yevseiev, Yevgen Melenti, Oleksandr Voitko, Vitalii Hrebeniuk, Anna Korchenko, Serhii Mykus, Oleksandr Milov, Oleksandr Prokopenko, Оleksandr Sievierinov, Dmytro Chopenko
2021 Eastern-European Journal of Enterprise Technologies  
The concept of building security systems based on a variety of models describing various CIF functioning aspects is presented.  ...  with regulatory requirements and the state of the security system.  ...  This allows simulating local loss of function or bandwidth in the infrastructure as a whole, and then applying a decision support system using nonlinear optimization.  ... 
doi:10.15587/1729-4061.2021.233533 fatcat:zkxs6iqjrfh2xe3beibpqkr4ba

Secure Edge Computing with Lightweight Control-Flow Property-based Attestation

Nikos Koutroumpouchos, Christoforos Ntantogian, Sofia-Anna Menesidou, Kaitai Liang, Panagiotis Gouvas, Christos Xenakis, Thanassis Giannetsos
2019 2019 IEEE Conference on Network Softwarization (NetSoft)  
In the face of an increasing attack landscape, it is necessary to cater for the provision of efficient mechanisms to collectively verify software-and deviceintegrity in order to detect run-time modifications  ...  and limited in function, thus, allowing for a much more efficient verication.  ...  to be collected from a system, in case it fails to attest some of its properties, so as to perform a more in-depth investigation of the system's behaviour towards detecting if any type of malware is resident  ... 
doi:10.1109/netsoft.2019.8806658 dblp:conf/netsoft/Koutroumpouchos19 fatcat:fqxbdi4m5jdwfaf5srmlllhy3u

Prêt à Voter Providing Everlasting Privacy [chapter]

Denise Demirel, Maria Henning, Jeroen van de Graaf, Peter Y. A. Ryan, Johannes Buchmann
2013 Lecture Notes in Computer Science  
Hugo Jonker for organising a PhD workshop on voting in 2012 at which the authors of this paper met and came up with the ideas for this paper.  ...  and in part by the German Federal Ministry of Education and Research (BMBF) via the project "BoRoVo -BoardRoomVoting".  ...  According to the current regulation of § 7.1 Federal Voting Machine Ordinance, the local authority could be in charge for this.  ... 
doi:10.1007/978-3-642-39185-9_10 fatcat:5dkjajb5rjfstef4csslxlu4cm

Hiding from Whom?

Ksenia Ermoshina, Francesca Musiani
2018 intermédialités  
ACKNOWLEDGEMENTS The authors would like to extend their deepest gratitude to a number of individuals who have provided support and feedback in the production of this report, including (in alphabetical  ...  Any errors remain the fault of the authors alone.  ...  pin and a fingerprint scan). 3 INFORMATION BOX 1: UNDERSTANDING THE STRENGTH OF A CRYPTOGRAPHIC SYSTEM The cryptographic strength of an encryption algorithm is generally a function of the length of  ... 
doi:10.7202/1058473ar fatcat:z2x3cfbpczehjgpmlzxjsfkrd4

D2.1 5G Security: Current Status and Future Trends

Grant Millar, Anastasios Kafchitsas, Orestis Mavrooulos, Anastasios Kourtis, George Xilouris, Maria Christopoulou, Stavros Kolometsos, Edgardo Montes De Oca, Huu Nghia Nguyen, Antonio Pastor, Sonia Fernandez, Diego Lopez (+18 others)
2020 Zenodo  
cases, and the elicitation of security requirements from relevant stakeholders in 5G; the current status of 5G networks, the solutions state for securing 5G systems, the standardization effort in the  ...  This Deliverable presents the current security landscape of 5G networks, as well as the evolution of requirements and trends in 5G security.  ...  In the health area, 5G-HEART will validate pill cameras for automatic detection in screening of colon cancer and vital-sign patches with advanced geo-localization as well as 5G AR/VR paramedic services  ... 
doi:10.5281/zenodo.4569519 fatcat:7aersbhzyrccrn563shazvj4dq
« Previous Showing results 1 — 15 out of 52 results