160 Result(s)
-
Article
Open Access“Animation” URL in NFT marketplaces considered harmful for privacy
Non-Fungible Tokens (NFTs) are becoming increasingly popular as a way to represent and own digital property. However, the usage of NFTs also prompts questions about privacy. In this work, we show that it is po...
-
Article
Open AccessA distributed and cooperative signature-based intrusion detection system framework for multi-channel man-in-the-middle attacks against protected Wi-Fi networks
A Multi-Channel Man-in-the-Middle (MC-MitM) attack is an advanced form of MitM attack, characterized by its ability to manipulate encrypted wireless communications between the Access Point (AP) and clients wit...
-
Article
Open AccessUnmasking SDN flow table saturation: fingerprinting, attacks and defenses
Software-Defined Networking stands as a pivotal technology in attaining the essential levels of flexibility and scalability demanded by pervasive and high-performance network infrastructure required for digita...
-
Article
Open AccessSecuring the IoT ecosystem: ASIC-based hardware realization of Ascon lightweight cipher
The Internet of Things (IoT) nodes consist of sensors that collect environmental data and then perform data exchange with surrounding nodes and gateways. Cybersecurity attacks pose a threat to the data securit...
-
Article
Open AccessEnhancing DevSecOps practice with Large Language Models and Security Chaos Engineering
Recently, the DevSecOps practice has improved companies’ agile production of secure software, reducing problems and improving return on investment. However, overreliance on security tools and traditional secur...
-
Article
Open AccessBluetooth security analysis of general and intimate health IoT devices and apps: the case of FemTech
The number of digital health products is increasing faster than ever. These technologies (e.g. mobile apps and connected devices) collect massive amounts of data about their users, including health, medical, s...
-
Article
Open AccessGuiding the implementation of data privacy with microservices
Privacy by design is nowadays recognized as essential in bringing data privacy into software systems. However, developers still face many challenges in reconciling privacy and software requirements and impleme...
-
Article
Open AccessA TCP-based covert channel with integrity check and retransmission
We propose a covert channel and its implementation in Windows OS. This storage channel uses the Initial Sequence Number of TCP to hide four characters of text and the identification field to “sign” the message an...
-
Article
Open AccessSecure multi-party computation with legally-enforceable fairness
Fairness is a security notion of secure computation and cannot always be achieved if an adversary corrupts a majority of parties in standard settings. Lindell (CT-RSA 2008) showed that imposing a monetary pena...
-
Article
Open AccessEnhancing privacy protections in national identification systems: an examination of stakeholders’ knowledge, attitudes, and practices of privacy by design
Privacy by Design (PbD) is a well-known concept that aims to provide a high level of protection for privacy throughout the entire life cycle of systems development. Despite the considerable attention from stak...
-
Article
Open AccessSecuring 5G virtual networks: a critical analysis of SDN, NFV, and network slicing security
5G, the current generation of communication networks is based on the standards defined by 3GPP and other organizations (ETSI, ENISA, NGMN). These standards define virtual networks supported by three basic tech...
-
Article
Open AccessThe awareness of operators: a goal-directed task analysis in SOCs for critical infrastructure
Security operation centers (SOCs) are increasingly established to meet the growing threat against cyber security. The operators of SOCs respond to complex incidents under time constraints. Within critical infr...
-
Article
Open AccessCollaborative intrusion detection using weighted ensemble averaging deep neural network for coordinated attack detection in heterogeneous network
Detecting coordinated attacks in cybersecurity is challenging due to their sophisticated and distributed nature, making traditional Intrusion Detection Systems often ineffective, especially in heterogeneous ne...
-
Article
Open AccessAutomating shareable cyber threat intelligence production for closed source software vulnerabilities: a deep learning based detection system
Software can be vulnerable to various types of interference. The production of cyber threat intelligence for closed source software requires significant effort, experience, and many manual steps. The objective...
-
Article
Open AccessEarly mitigation of CPU-optimized ransomware using monitoring encryption instructions
Ransomware attacks pose a significant threat to information systems. Server hosts, including cloud infrastructure as a service, are prime targets for ransomware developers. To address this, security mechanisms...
-
Article
Open AccessA comprehensive analysis on software vulnerability detection datasets: trends, challenges, and road ahead
As society’s dependence on information and communication systems (ICTs) grows, so does the necessity of guaranteeing the proper functioning and use of such systems. In this context, it is critical to enhance t...
-
Article
Open AccessMitigation of privilege escalation attack using kernel data relocation mechanism
Kernel memory corruption, which leads to a privilege escalation attack, has been reported as a security threat to operating systems. To mitigate privilege escalation attacks, several security mechanisms are pr...
-
Article
Open AccessUsing the ACE framework to enforce access and usage control with notifications of revoked access rights
The standard ACE framework provides authentication and authorization mechanisms similar to those of the standard OAuth 2.0 framework, but it is intended for use in Internet-of-Things environments. In particula...
-
Article
Open AccessSurvey-based analysis of cybersecurity awareness of Turkish seafarers
In recent years, vessels have become increasingly digitized, reflecting broader societal trends. As a result, maritime operations have become an attractive target for cyber threat actors. Despite the limited c...
-
Article
Open AccessEvaluating the merits and constraints of cryptography-steganography fusion: a systematic analysis
In today's interconnected world, safeguarding digital data's confidentiality and security is crucial. Cryptography and steganography are two primary methods used for information security. While these methods h...