Location via proxy:   [ UP ]  
[Report a bug]   [Manage cookies]                
ISSN: 2032-9393
Submit Article
Submission Instructions
Open Access Information
Ethics and Malpractice Statement
Most Recent Issue
2021
Issue 30Issue 29Issue 28Issue 27
2020
Issue 24Issue 26Issue 25Issue 23
2019
Issue 22Issue 21Issue 20Issue 19
2018
Issue 18Issue 17Issue 16Issue 15
2017
Issue 14Issue 13Issue 12Issue 11
2016
Issue 10Issue 9Issue 8Issue 7
2015
Issue 6Issue 5Issue 4Issue 3
2011
Issue 2Issue 1

Visit the new journal website to submit and consult our contents: https://publications.eai.eu/index.php/sesa/index

Editor(s)-in-Chief: Sanjay Goel

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require the security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication.

Moreover, we need technology to enable network security monitoring and tracing and to assess the trustworthiness of infrastructures and services. It must ensure the protection of personal data and privacy and properly assign liability and risks, together with the appropriate governance models needed to do so. Furthermore, this is applied to the settings of Public Safety in general.

  • Yao Liu (University of South Florida, USA)
  • Kai Zeng (George Mason University, USA)
  • Linhai Song (Penn State University, USA)
  • Zhiguo Wan (Shangdong University, China)
  • Issa Khalil (Qatar Computing Research Institute, Qatar)
  • George Kesidis (Penn State University, USA)
  • Amro Awad (University of Central Florida, USA)
  • Eric Chan-Tin (Loyola University Chicago, USA)
  • Karim Elish (Florida Polytechnic University, USA)
  • Joongheon Kim (Korea University, Korea)
  • Eugene Vasserman (Kansas State University, USA)
  • An Wang (Case Western Reserve University, USA)
  • Jiawei Yuan (Embry-Riddle Aeronautical University, USA)
  • Mohammad Ashiqur Rahman (Florida International University, USA)
  • Sachin Shetty (Old Dominion University, USA)
  • Jeffrey Spaulding (Niagara University, USA)
  • Zhongshu Gu (IBM, USA)
  • Shujun Li (University of Kent, UK)
  • Heng Zhang (Western Sydney University, Australia)
  • Kaiqi Xiong (University of South Florida, USA)
  • Mohamed Amine Ferrag (Guelma University, Algeria)
  • Bo Luo (University of Kansas, USA)
  • Zhen Huang (DePaul University, USA)
  • Ziming Zhao, University at Buffalo, USA

  • How data-sharing nudges influence people's privacy preferences: A machine learning-based analysis

    Appears in:
    sesa 22(30): 3

    Authors:
    Yang Lu, Alex Freitas, Shujun Li, Athina Ioannou

    Published:
    16th Aug 2022

    Abstract:
    INTRODUCTION: Many online services use data-sharing nudges to solicit personal data from their customers for personalized services. OBJECTIVES: This study aims to study people’s privacy preferences in sharing different types of personal data under different nudging conditions, how digital nudging can change their data sharing willingness, and if people’s data sharing preferences can be predicted using their responses to a questionnaire. METHODS: This paper reports a machine learning-based analysis on people’s privacy preference patterns under four different data-sharing nudging conditions (without nudging, monetary incentives, non-monetary incentives, and privacy assurance). The analysis is based on data collected from 685 UK residents who participated in a panel survey. Their self-reported willingness levels towards sharing 23 different types of personal data were analyzed by using both unsupervised (clustering) and supervised (classification) machine learning algorithms. RESULTS: The results led to a better understanding of people’s privacy preference patterns across different data-sharing nudging conditions, e.g., our participants’ preferences are distributed in a space of 48 possible profiles more sparsely than we expected, and the unexpected observation that all the three data-sharing nudging strategies led to an overall negative effect: they led to a reduced level of self-reported willingness for more participants, comparing with the case of no nudging at all. Our experiments with supervised machine learning models also showed that people’s privacy (data-sharing) preference profiles can be automatically predicted with a good accuracy, even when a small questionnaire with just seven questions is used. CONCLUSION: Our work revealed a more complicated structure of people’s privacy preference profiles, which have some dependencies on the type of data nudging and the type of personal data shared. Such complicated privacy preference profiles can be effectively analyzed using machine learning methods, including automatic prediction based on a small questionnaire. The negative results on the overall effect of different data-sharing nudges imply that service providers should consider if and how to use such mechanisms to incentivise their consumers to share personal data. We believe that more consumer-centric and transparent methods and tools should be used to help improve trust between consumers and service providers.

  • A Systemic Security and Privacy Review: Attacks and Prevention Mechanisms over IOT Layers

    Appears in:
    sesa 22(30): 5

    Authors:
    Muhammad Shoaib Akhtar, Tao Feng

    Published:
    5th Aug 2022

    Abstract:
    In this contemporary era internet of things are used in every realm of life. Recent software’s (e.g., vehicle networking, smart grid, and wearable) are established in result of its use: furthermore, as development, consolidation, and revolution of varied ancient areas (e.g., medical and automotive). The number of devices connected in conjunction with the ad-hoc nature of the system any exacerbates the case. Therefore, security and privacy has emerged as a big challenge for the IoT. This paper provides an outline of IoT security attacks on Three-Layer Architecture: Three-layer such as application layer, network layer, perception layer/physical layer and attacks that are associated with these layers will be discussed. Moreover, this paper will provide some possible solution mechanisms for such attacks. The aim is to produce a radical survey associated with the privacy and security challenges of the IoT. This paper addresses these challenges from the attitude of technologies and design used. The objective of this paper is to rendering possible solution for various attacks on different layers of IoT architecture. It also presents comparison based on reviewing multiple solutions and defines the best one solution for a specific attack on particular layer.

  • Mitigating Vulnerabilities in Closed Source Software

    Appears in:
    sesa 22(30): 4

    Authors:
    Zhen Huang, Xiaowei Yu, Gang Tan

    Published:
    4th Aug 2022

    Abstract:
    Many techniques have been proposed to harden programs with protection mechanisms to defend against vulnerability exploits. Unfortunately the vast majority of them cannot be applied to closed source software because they require access to program source code. This paper presents our work on automatically hardening binary code with security workarounds, a protection mechanism that prevents vulnerabilities from being triggered by disabling vulnerable code. By working solely with binary code, our approach is applicable to closed source software. To automatically synthesize security workarounds, we develop binary program analysis techniques to identify existing error handling code in binary code, synthesize security workarounds in the form of binary code, and instrument security workarounds into binary programs. We designed and implemented a prototype or our approach for Windows and Linux binary programs. Our evaluation shows that our approach can apply security workarounds to an average of 69.3% of program code and the security workarounds successfully prevents exploits to trigger real-world vulnerabilities.

  • Comparing Online Surveys for Cybersecurity: SONA and MTurk

    Appears in:
    sesa 22(30): 2

    Authors:
    Shelia Kennison, Anne Wagner, Anna Bakas, Eric Chan-Tin

    Published:
    8th Feb 2022

    Abstract:
    People have many accounts and usually need to create a password for each. They tend to create insecure passwords and re-use passwords, which can lead to compromised data. This research examines if there is a link between personality type and password security among a variety of participants in two groups of participants: SONA and MTurk. Each participant in both surveys answered questions based on password security and their personality type. Our results show that participants in the MTurk survey were more likely to choose a strong password and to exhibit better security behaviors and knowledge than participants in the SONA survey. This is mostly attributed to the age difference. However, the distribution of the results was similar for both MTurk and SONA. In the second part of our study, we found that security behaviors actually went down – this could be due to the pandemic or indicative of a need for more regular messaging/training.

  • Dynamic Risk Assessment and Analysis Framework for Large-Scale Cyber-Physical Systems

    Appears in:
    sesa 22(30): 1

    Authors:
    Adeel A. Malik, Deepak K. Tosh

    Published:
    25th Jan 2022

    Abstract:
    Cyberspace is growing at full tilt creating an amalgamation of disparate systems. This heterogeneity leads to increased system complexity and security flaws. It is crucial to understand and identify these flaws to prevent catastrophic events. However, the current state-of-the-art solutions are threat-specific and focus on either risk, vulnerabilities, or adversary emulation. In this work, we present a scalable Cyber-threats and Vulnerability Information Analyzer (CyVIA) framework. CyVIA analyzes cyber risks and abnormalities in real-time using multi-formatted knowledge bases derived from open-source vulnerability databases. CyVIA achieves the following goals: 1) assess the target network for risk and vulnerabilities, 2) map services and policies to network nodes, 3) classify nodes based on severity, and 4) provide consequences, mitigation, and relationships for the found vulnerabilities. We use CyVIA and other tools to examine a simulated network for threats and compare the results.

  • Device Authentication Codes based on RF Fingerprinting using Deep Learning

    Appears in:
    sesa 21(29): e5

    Authors:
    Xiangfang Li, Joshua Bassey, Lijun Qian

    Published:
    30th Nov 2021

    Abstract:
    In this paper, we propose Device Authentication Code (DAC), a novel method for authenticating IoT devices with wireless interface, by exploiting their radio frequency (RF) signatures. The proposed DAC is based on RF fingerprinting, an information-theoretic method, feature learning, and the discriminatory power of deep learning. Specifically, an autoencoder is used to automatically extract features from the RF traces and the reconstruction error is used as the DAC, and this DAC is unique to each individual device. Then Kolmogorov-Smirnov (K-S) test is used to match the distribution of the reconstruction error generated by the receiver and the DAC in the received message, and the result will determine whether the device of interest is an intruder. We validate this concept on two experimentally collected RF traces from six ZigBee devices and five universal software defined radio peripheral devices, respectively. The traces span a range of Signal-to-Noise Ratio by varying locations, mobility of the devices, channel interference, and noise to ensure robustness of the model. Experimental results demonstrate that DAC is able to prevent device impersonation by extracting salient features that are unique to each wireless device of interest and can be used to identify radio frequency devices. Furthermore, the proposed method does not need the RF traces of the intruder during model training to be able to identify devices not seen during training, which makes it practical.

  • FedADMP: A Joint Anomaly Detection and Mobility Prediction Framework via Federated Learning

    Appears in:
    sesa 21(29): e4

    Authors:
    Jian Li, Ping Yang, Zezhang Yang

    Published:
    21st Oct 2021

    Abstract:
    With the proliferation of mobile devices and smart cameras, detecting anomalies and predicting their mobility are critical for enhancing safety in ubiquitous computing systems. Due to data privacy regulations and limited communication bandwidth, it is infeasible to collect, transmit, and store all data from mobile devices at a central location. To overcome this challenge, we propose FedADMP, a federated learning based joint Anomaly Detection and Mobility Prediction framework. FedADMP adaptively splits the training process between the server and clients to reduce computation loads on clients. To protect the privacy of user data, clients in FedADMP upload only intermediate model parameters to the cloud server. We also develop a differential privacy method to prevent the cloud server and external attackers from inferring private information during the model upload procedure. Extensive experiments using real-world datasets show that FedADMP consistently outperforms existing methods.

  • A Comprehensive Survey on Intrusion Detection based Machine Learning for IoT Networks

    Appears in:
    sesa 21(29): e3

    Authors:
    Hela Mliki, Abir Hadj Kaceam, Lamia Chaari

    Published:
    6th Oct 2021

    Abstract:
    The Internet of things (IoT) is a new ubiquitous technology that relies on heterogeneous devices and protocols. The IoT technologies are expected to offer a new level of connectivity thanks to its smart devices able to enhance everyday tasks and facilitate smart decisions based on sensed data. The IoT could collect sensitive data and should be able to face attacks and privacy issues. The IoT security issue is a hot topic of research and industrial concern. Indeed, threats against IoT devices and services could cause security breaches and data leakage. Aiming to identify attempts to abuse the IoT systems and mitigate malicious events, this paper studied the Intrusion Detection Systems (IDS) based on Machine Learning (ML) techniques. The ML approach could provide good tools to detect novel intrusion activities in a timely manner. This paper, therefore, highlighted the related issues to develop secured and efficient IoT services. It tried to allow a comprehensive review of IoT features and design. It mainly focused on intrusion detection based on the machine learning schema and built a taxonomy of different IoT attacks and threats. This paper also compared between the different intrusion detection techniques and established a taxonomy of machine leaning methods for intrusion detection solutions.

  • Leveraging attention-based deep neural networks for security vetting of Android applications

    Appears in:
    sesa 21(29): e2

    Authors:
    Doina Caragea, Prabesh Poudel, Prabesh Pathak, Sankardas Roy

    Published:
    27th Sep 2021

    Abstract:
    Many traditional machine learning and deep learning algorithms work as a black box and lack interpretability. Attention-based mechanisms can be used to address the interpretability of such models by providing insights into the features that a model uses to make its decisions. Recent success of attention-based mechanisms in natural language processing motivates us to apply the idea for security vetting of Android apps. An Android app’s code contains API-calls that can provide clues regarding the malicious or benign nature of an app. By observing the pattern of the API-calls being invoked, we can interpret the predictions of a model trained to separate benign apps from malicious apps. In this paper, using the attention mechanism, we aim to find the API-calls that are predictive with respect to the maliciousness of Android apps. More specifically, we target to identify a set of API-calls that malicious apps exploit, which might help the community discover new signatures of malware. In our experiment, we work with two attention-based models: Bi-LSTM Attention and Self-Attention. Our classification models achieve high accuracy in malware detection. Using the attention weights, we also extract the top 200 API-calls (that reflect the malicious behavior of the apps) from each of these two models, and we observe that there is significant overlap between the top 200 API-calls identified by the two models. This result increases our confidence that the top 200 API-calls can be used to improve the interpretability of the models.

  • Binary Code Similarity Detection through LSTM and Siamese Neural Network

    Appears in:
    sesa 21(29): e1

    Authors:
    Tao Hou, Hui Zeng, Zhuo Lu, Xiangrong Zhou, Zhengping Luo

    Published:
    14th Sep 2021

    Abstract:
    Given the fact that many software projects are closed-source, analyzing security-related vulnerabilities at the binary level is quintessential to protect computer systems from attacks of malware. Binary code similarity detection is a potential solution for detecting malware from the binaries generated by the processor. In this paper, we proposed a malware detection mechanism based on the binaries using machine learning techniques. Through utilizing the Recurrent Neural Network (RNN), more specifically Long Short-Term Memory (LSTM) network, we generate the uniformed feature embedding of each binary file and further take advantage of the Siamese Neural Network to compute the similarity measure of the extracted features. Therefore, the security risks of the software projects can be evaluated through the similarity measure of the corresponding binaries with existing trained malware. Our real-world experimental results demonstrate a convincing performance in distinguishing out the outliers, and achieved slightly better performance compared with existing state-of-the-art methods.

  • A Deep Learning Approach for Network Intrusion Detection System

    Appears in:
    sesa 16(9): e2

    Authors:
    Weiqing Sun, Quamar Niyaz, Ahmad Javaid, Mansoor Alam

    Downloads:
    21352

    Abstract:
    A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in their organizations. However, many challenges arise while developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for developing such an efficient and flexible NIDS. We use Self-taught Learning (STL), a deep learning based technique, on NSL-KDD - a benchmark dataset for network intrusion. We present the performance of our approach and compare it with a few previous work. Compared metrics include accuracy, precision, recall, and f-measure values.

  • Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus

    Appears in:
    sesa 18(15): e5

    Authors:
    Tim Niklas Witte

    Downloads:
    15853

    Abstract:
    Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.

  • Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures

    Appears in:
    sesa 18(16): e1

    Authors:
    Mithun Mukherjee, Leandros Maglaras, Abdelouahid Derhab, Stylianos Rallis, Helge Janicke, Mohamed Amine Ferrag

    Downloads:
    5847

    Abstract:
    As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a significant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classified according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping.

  • Evaluation of Cryptography Usage in Android Applications

    Appears in:
    sesa 16(9): e4

    Authors:
    Georgios Karopoulos, Christos Xenakis, Christoforos Ntantogian, Alexia Chatzikonstantinou

    Downloads:
    5335

    Abstract:
    Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google Play marketplace and performed static and dynamic analysis in an attempt to detect possible cryptographic misuses. The results showed that 87.8% of the applications present some kind of misuse, while for the rest of them no cryptography usage was detected during the analysis. Finally, we suggest countermeasures, mainly intended for developers, to alleviate the issues identified by the analysis.

  • Threat Modeling for Cloud Infrastructures

    Appears in:
    sesa 18(17): e5

    Authors:
    Anoop Singhal, Nawaf Alhebaishi, Lingyu Wang

    Downloads:
    5215

    Abstract:
    Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its flexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited efforts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling efforts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only benefit the cloud provider but also embed more confidence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.

  • A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)

    Appears in:
    sesa 17(12): e2

    Authors:
    Ahmad Y. Javaid, Quamar Niyaz, Weiqing Sun

    Downloads:
    3322

    Abstract:
    Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged software-defined networking (SDN) and deep learning (DL) concepts promise to revolutionize their respective domains. SDN keeps the global view of the entire managed the network from a single point, i.e., the controller, thus making the network management easier. DL-based approaches improve feature extraction/reduction from a high-dimensional dataset such as network traffic headers. This work proposes a deep learning based multi-vector DDoS detection system in an SDN environment. The detection system is implemented as a network application on top of the SDN controller and can monitor the managed network traÿc. Performance evaluation is based on different metrics by applying the system on traÿc traces collected from different scenarios. A high accuracy with low false-positive rate is observed in attack detection for the proposed system.

  • Forget the Myth of the Air Gap: Machine Learning for Reliable Intrusion Detection in SCADA Systems

    Appears in:
    sesa 19(19): e3

    Authors:
    Florian Adamsky, Thomas Engel, Ridha Soua, Rocio Lopez Perez

    Downloads:
    3039

    Abstract:
    Since Critical Infrastructures (CIs) use systems and equipment that are separated by long distances, Supervisory Control And Data Acquisition (SCADA) systems are used to monitor their behaviour and to send commands remotely. For a long time, operator of CIs applied the air gap principle, a security strategy that physically isolates the control network from other communication channels. True isolation, however, is difficult nowadays due to the massive spread of connectivity: using open protocols and more connectivity opens new network attacks against CIs. To cope with this dilemma, sophisticated security measures are needed to address malicious intrusions, which are steadily increasing in number and variety. However, traditional Intrusion Detection Systems (IDSs) cannot detect attacks that are not already present in their databases. To this end, we assess in this paper Machine Learning (ML) techniques for anomaly detection in SCADA systems using a real data set collected from a gas pipeline system and provided by the Mississippi State University (MSU). The contribution of this paper is two-fold: 1) The evaluation of four techniques for missing data estimation and two techniques for data normalization, 2) The performances of Support Vector Machine (SVM), Random Forest (RF), Bidirectional Long Short Term Memory (BLSTM) are assessed in terms of accuracy, precision, recall and F1 score for intrusion detection. Two cases are differentiated: binary and categorical classifications. Our experiments reveal that RF and BLSTM detect intrusions effectively, with an F1 score of respectively > 99% and > 96%.

  • A V2X Message Evaluation Methodology and Cross-Domain Modelling of Safety Applications in V2X-enabled E/E-Architectures

    Appears in:
    sesa 15(8): e1

    Authors:
    Marius-Florin Buciuman, Oliver Sander, Jürgen Becker, Alexander Klimm, Harald Bucher

    Downloads:
    2896

    Abstract:
    The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons) of all vehicles, but also have strict real-time requirements. Regarding automotive E/E architectures this continuous broadcasting adds heavy internal E/E data traffic that needs to be processed in real-time by Electronic Control Units (ECUs). In this work we address this issue by proposing a novel cluster-based message evaluation methodology to significantly reduce internal E/E network traffic by discarding irrelevant messages. The approach is only depending on information received over beacons. It combines a vehicle clustering strategy as well as network and vehicle state monitoring capabilities in order to correctly evaluate messages under real-time constraints. The proposed methodology is modeled inside an abstract ECU. It is evaluated by simulating a model-based CACC application under different traffic scenarios. It is shown that a significant reduction of messages is achievable, while still guaranteeing accident-free behavior of CACC.

  • Reviewing the book “Principles of Cyber-physical Systems” from a security perspective

    Appears in:
    sesa 15(4): e6

    Authors:
    Peng Liu, Minghui Zhu

    Downloads:
    2694

    Abstract:
    This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.

  • Identify Vulnerability Fix Commits Automatically Using Hierarchical Attention Network

    Appears in:
    sesa 20(23): e2

    Authors:
    Yuqing Zhang, Hongu Sun, Hantao Feng, Wenjie Wang, Mingxin Sun

    Downloads:
    2345

    Abstract:
    The application of machine learning and deep learning in the field of vulnerability detection is a hot topic in security research, but currently it faces the problem of lack of dataset. Considering vulnerable code can be obtained from vulnerability fix commits, we propose an automatic vulnerability commit identification tool based on hierarchical attention network (HAN) to expand existing vulnerability dataset. HAN can model the input data at the word and sentence levels respectively and pay attention to the changes in the characteristics of different words in different categories, which improves the classification performance. Experimental results show that the accuracy and F1 of our model both achieve 92%. Through the vulnerability fix commit, researchers can quickly locate the vulnerable code. And extracting vulnerable code from open-source software can effectively expand the current dataset due to the enormous number of open-source software.
Publisher
EAI
ISSN
2032-9393
Number of Volumes
8
Last Published
2022-08-05
EAI Logo

About EAI

Community

Publish with EAI