EAI Endorsed Transactions on Security and Safety

EAI Endorsed Transactions on Security and Safety is an open access, peer-reviewed scholarly journal focused on security and safety of network and service infrastructures. The journal publishes research articles, review articles, commentaries, editorials, technical articles, and short communications with a quarterly frequency. Authors are not charged for article submission and processing.

Editor(s)-in-Chief: Sencun Zhu and David Mohaisen

Aims & Scope
Indexing
Editors in Chief
Editorial Board
Special Issues

Growing threats and increasingly also failures due to complexity may compromise the security and resilience of network and service infrastructures. Applications and services require security of data handling and we need new security architectures and scalable and interoperable security policies for this. There is a need to guarantee end-to-end security in data communications and storage, including identity management and authentication.

Moreover, we need technology to enable network security monitoring and tracing and to assess the trustworthiness of infrastructures and services. It must ensure the protection of personal data and privacy and to properly assign liability and risks, together with the appropriate governance models needed to do so. Furthermore this is applied to the settings of Public Safety in general.

Blockchain and Applications
Cyber Threat Intelligence
Network Intrusion Detection and Prevention, Firewalls, Packet Filters
Malware Analysis and Detection including Advanced Persistent Threats (APTs)
Web and Systems Security
Distributed Denial of Service Attacks and Defenses
Communication Privacy and Anonymity
Circumvention and Anti-Censorship Technologies
Cyber Forensics and Anti-Forensics
Vulnerabilities Identification and Exploitation Authentication Systems: Public Key Infrastructures, Key Management, Credential Management
Secure Routing, Naming/Addressing, Network Management
Security & Privacy in Pervasive and Ubiquitous Computing, e.g., RFIDs
Security & Privacy in Peer-to-Peer and Overlay Networks
Security & Privacy for Emerging Technologies: VoIP, Internet-of-Things, Social Networks
Security & Isolation in Cloud, Data Center and Software-Defined Networks
Security & Privacy in Wired, Wireless, Mobile, Hybrid, Sensor, Ad Hoc networks
Security & Privacy in Internet of Things (IoT) and Industrial IoT (IIoT)
Security & Privacy in Cyber Physical Systems (CPS)

Call for Papers: Special issue on: Security and Privacy Issues for the Artificial Intelligence Era (Manuscript submission deadline: 2020-08-20; Notification of acceptance: 2020-09-20; Submission of final revised paper: 2020-10-22; Publication of special issue (tentative): 2020-11-12)

Guest editors: Ximeng Liu (Fuzhou University, China)

Guest editors: Kim-Kwang Raymond Choo (The University of Texas at San Antonio, USA)

Guest editors: Yinbin Miao (City University of Hong Kong, China)

Guest editors: Yang Yang (Singapore Management University, Singapore)

Yao Liu (University of South Florida, USA)
Kai Zeng (George Mason University, USA)
Rui Zhang (University of Delaware, USA)
Linhai Song (Penn State University, USA)
Zhiguo Wan (Shangdong University, China)
Issa Khalil (Qatar Computing Research Institute, Qatar)
George Kesidis (Penn State University, USA)
Amro Awad (University of Central Florida, USA)
Eric Chan-Tin (Loyola University Chicago, USA)
Karim Elish (Florida Polytechnic University, USA)
Joongheon Kim (Korea University, Korea)
Eugene Vasserman (Kansas State University, USA)
An Wang (Case Western Reserve University, USA)
Jiawei Yuan (Embry-Riddle Aeronautical University, USA)
Mohammad Ashiqur Rahman (Florida International University, USA)
Sachin Shetty (Old Dominion University, USA)
Jeffrey Spaulding (Niagara University, USA)
Zhongshu Gu (IBM, USA)
Shujun Li (University of Kent, UK)
Heng Zhang (Western Sydney University, Australia)
Kaiqi Xiong (University of South Florida, USA)
Mohamed Amine Ferrag (Guelma University, Algeria)

Sencun Zhu¹

Dr. Sencun Zhu is an associate professor of Department of Computer Science and Engineering at The Pennsylvania State University (PSU). He received the B.S. degree in precision instruments from Tsinghua University, , the M.S. degree in signal processing from the University of Science and Technology of China, Graduate School at Beijing, and the Ph.D. degree in information technology from George Mason University in 1996, 1999, and 2004, respectively. His research interests include wireless and mobile security, software and network security, fraud detection, and user online safety and privacy. . More details of his research can be found in http://www.cse.psu.edu/~sxz16/.

David Mohaisen²

University of Central Florida, USA

1: Department of Computer Science and Engineering and College of Information Sciences and Technology at The Pennsylvania State University (PSU)
2: University of Central Florida, USA

Online First
Recently Published
Most Popular

Minor Privacy Protection by Real-time Children Identification and Face Scrambling at the Edge
Appears in:
sesa 18: e3

Authors:
Alem Fitwi, Meng Yuan, Seyed Yahya Nikouei, Yu Chen

Published:
14th May 2020

Abstract:
The collection of personal information about individuals, including the minor members of a family, by closed circuit television (CCTV) cameras creates a lot of privacy concerns. Revealing children’s identiﬁcations or activities may compromise their well-being. In this paper, we propose a novel Mino…The collection of personal information about individuals, including the minor members of a family, by closed circuit television (CCTV) cameras creates a lot of privacy concerns. Revealing children’s identiﬁcations or activities may compromise their well-being. In this paper, we propose a novel Minor Privacy protection solution using Real-time video processing at the Edge (MiPRE). It is reﬁned to be feasible and accurate to identify minors and apply appropriate privacy-preserving measures accordingly. State of the art deep learning architectures are modiﬁed and repurposed to maximize the accuracy of MiPRE. A pipeline extracts face from the input frames and identify minors. Then, a lightweight algorithm scrambles the faces of the minors to anonymize them. Over 20,000 labeled sample points collected from open sources are used for classiﬁcation. The quantitative experimental results show the superiority of MiPRE with an accuracy of 92.1% with near real-time performance.
more »
Identify Vulnerability Fix Commits Automatically Using Hierarchical Attention Network
Appears in:
sesa 18: e2

Authors:
Mingxin Sun, Wenjie Wang, Hantao Feng, Hongu Sun, Yuqing Zhang

Published:
12th May 2020

Abstract:
The application of machine learning and deep learning in the ﬁeld of vulnerability detection is a hot topic in security research, but currently it faces the problem of lack of dataset. Considering vulnerable code can be obtained from vulnerability ﬁx commits, we propose an automatic vulnerability c…The application of machine learning and deep learning in the ﬁeld of vulnerability detection is a hot topic in security research, but currently it faces the problem of lack of dataset. Considering vulnerable code can be obtained from vulnerability ﬁx commits, we propose an automatic vulnerability commit identiﬁcation tool based on hierarchical attention network (HAN) to expand existing vulnerability dataset. HAN can model the input data at the word and sentence levels respectively and pay attention to the changes in the characteristics of diﬀerent words in diﬀerent categories, which improves the classiﬁcation performance. Experimental results show that the accuracy and F1 of our model both achieve 92%. Through the vulnerability ﬁx commit, researchers can quickly locate the vulnerable code. And extracting vulnerable code from open-source software can eﬀectively expand the current dataset due to the enormous number of open-source software.
more »
Measuring the Cost of Software Vulnerabilities
Appears in:
sesa 18: e1

Authors:
Afsah Anwar, Aminollah Khormali, Jinchun Choi, Hisham Alasmary, Sung J. Choi, Saeed Salem, DaeHun Nyang, David Mohaisen

Published:
12th May 2020

Abstract:
Enterprises are increasingly considering security as an added cost, making it necessary for those enterprises to see a tangible incentive in adopting security measures. Despite data breach laws, prior studies have suggested that only 4% of reported data breach incidents have resulted in litigation …Enterprises are increasingly considering security as an added cost, making it necessary for those enterprises to see a tangible incentive in adopting security measures. Despite data breach laws, prior studies have suggested that only 4% of reported data breach incidents have resulted in litigation in federal courts, showing the limited legal ramiﬁcations of security breaches and vulnerabilities. In this paper, we study the hidden cost of software vulnerabilities reported in the National Vulnerability Database (NVD) through stock price analysis. We perform a high-ﬁdelity data augmentation to ensure data reliability and to estimate vulnerability disclosure dates as a baseline for estimating the implication of software vulnerabilities. We further build a model for stock price prediction using the nonlinear autoregressive neural network with exogenous factors (NARX) Neural Network model to estimate the eﬀect of vulnerability disclosure on the stock price. Compared to prior work, which relies on linear regression models, our approach is shown to provide better prediction performance. Our analysis also shows that the eﬀect of vulnerabilities on vendors varies, and greatly depends on the speciﬁc software industry. Whereas some industries are shown statistically to be aﬀected negatively by the release of software vulnerabilities, even when those vulnerabilities are not broadly covered by the media, some others were not aﬀected at all.
more »

Editorial
Appears in:
sesa 20(22): e1

Authors:
David Mohaisen, Sencun Zhu

Published:
18th May 2020

Abstract:
more »
CPAR: Cloud-Assisted Privacy-preserving Image Annotation with Randomized k-d Forest
Appears in:
sesa 20(22): e5

Authors:
Yifan Tian, Jiawei Yuan, Yantian Hou

Published:
21st Apr 2020

Abstract:
With the explosive growth in the number of pictures taken by smartphones, organizing and searching pictures has become important tasks. To efficiently fulfill these tasks, the key enabler is annotating images with proper keywords, with which keyword-based searching and organizing become available…With the explosive growth in the number of pictures taken by smartphones, organizing and searching
pictures has become important tasks. To efficiently fulfill these tasks, the key enabler is annotating images
with proper keywords, with which keyword-based searching and organizing become available for images.
Currently, smartphones usually synchronize photo albums with cloud storage platforms, and have their
images annotated with the help of cloud computing. However, the “offloading-to-cloud” solution may cause
privacy breach, since photos from smart photos contain various sensitive information. For privacy protection,
existing research made effort to support cloud-based image annotation on encrypted images by utilizing
cryptographic primitives. Nevertheless, for each annotation, it requires the cloud to perform linear checking
on the large-scale encrypted dataset with high computational cost.
This paper proposes a cloud-assisted privacy-preserving image annotation with randomized k-d forest, namely
CPAR. With CPAR, users are able to automatically assign keywords to their images by leveraging the power
of cloud with privacy protected. CPAR proposes a novel privacy-preserving randomized k-d forest structure,
which significantly improves the annotation performance compared with existing research. Thorough analysis
is carried out to demonstrate the security of CPAR. Experimental evaluation on the well-known IAPR TC-12
dataset validates the efficiency and effectiveness of CPAR.
more »
Development of a Multifactor-Security-Protocol System Using Ambient Noise Synthesis
Appears in:
sesa 20(22): e4

Authors:
Agbotiname Lucky Imoize, Boluwatife Samuel Ben-Adeola, John Adetunji Adebisi

Published:
15th Apr 2020

Abstract:
The escalating cases of security threats on the global scene, especially in the cyberspace, demands urgent need to deploy sophisticated measures to mitigate these calamitous threats. To this end, various lock mechanisms have been developed and deployed to prevent access to control systems from po…The escalating cases of security threats on the global scene, especially in the cyberspace, demands urgent need to deploy
sophisticated measures to mitigate these calamitous threats. To this end, various lock mechanisms have been developed
and deployed to prevent access to control systems from potential intruders. This paper provides a solution to this pervasive
problem, addressing concerns on the physical and virtual components of an access control system. A locally generated
One-Time-Passkeys (OTPs) was created, leveraging ambient noise as entropy input. The system was deployed on an
Arduino microcontroller embedded in a safe-cabinet secured with a 12V solenoid lock. The design was implemented and
tested against standard metrics. Results achieved include algorithmic optimizations of existing local OTP protocol
implementations, and the realization of a safe lock module, which interfaces with a mobile application developed on
Android over a secured Bluetooth connection.
more »
Manipulating Users’ Trust on Amazon Echo: Compromising Smart Home from Outside
Appears in:
sesa 20(22): e3

Authors:
Yuxuan Chen, Xuejing Yuan, Aohui Wang, Kai Chen, Shengzhi Zhang, Heqing Huang

Published:
7th Apr 2020

Abstract:
Nowadays, voice control becomes a popular application that allows people to communicate with their devices more conveniently. Amazon Echo, designed around Alexa, is capable of controlling devices, e.g., smart lights, etc. Moreover, with the help of IFTTT (if-this-then-that) service, Amazon Echo’s …Nowadays, voice control becomes a popular application that allows people to communicate with their devices
more conveniently. Amazon Echo, designed around Alexa, is capable of controlling devices, e.g., smart lights, etc. Moreover, with the help of IFTTT (if-this-then-that) service, Amazon Echo’s skill set gets improved significantly. However, people who are enjoying these conveniences may not take security into account. Hence, it becomes important to carefully scrutinize the Echo’s voice control attack surface and the corresponding impacts. In this paper, we proposed MUTAE (Manipulating Users’ Trust on Amazon Echo) attack to remotely compromise Echo’s voice control interface. We also conducted security analysis and performed taxonomy based on different consequences considering the level of trust that users have placed on Echo. Finally, we also proposed mitigation techniques that protect Echo from MUTAE attack.
more »
Controlled BTG: Toward Flexible Emergency Override in Interoperable Medical Systems
Appears in:
sesa 20(22): e2

Authors:
Qais Tasali, Christine Sublett, Eugene Y. Vasserman

Published:
19th Feb 2020

Abstract:
INTRODUCTION: In medical cyber-physical systems (mCPS), availability must be prioritized over other security properties, making it challenging to craft least-privilege authorization policies which preserve patient safety and confidentiality even during emergency situations. For example, unauthori…INTRODUCTION: In medical cyber-physical systems (mCPS), availability must be prioritized over other
security properties, making it challenging to craft least-privilege authorization policies which preserve patient
safety and confidentiality even during emergency situations. For example, unauthorized access to device(s)
connected to a patient or an app controlling these devices could result in patient harm. Previous work has
suggested a virtual version of “Break the Glass” (BTG), an analogy to breaking a physical barrier to access
a protected emergency resource such as a fire extinguisher or “crash cart”. In healthcare, BTG is used to
override access controls and allow for unrestricted access to resources, e.g. Electronic Health Records. After a
“BTG event” completes, the actions of all concerned parties are audited to validate the reasons and legitimacy
for the override.

OBJECTIVES: Medical BTG has largely been treated as an all-or-nothing scenario: either a means to obtain
unrestricted access is provided, or BTG is not supported. We show how to handle BTG natively within the
ABAC model, maintaining full compatibility with existing access control frameworks, putting BTG in the
policy domain rather than requiring framework modifications. This approach also makes BTG more flexible,
allowing for fine-grained facility-specific policies, and even automates auditing in many situations, while
maintaining the principle of least-privilege.

METHODS: We do this by constructing a BTG “meta-policy” which works with existing access control policies
by explicitly allowing override when requested.

RESULTS: We present a sample BTG policy and formally verify that the resulting combined set of access
control policies correctly satisfies the goals of the original policy set and allows expanded access during a BTG
event. We show how to use the same verification methods to check new policies, easing the process of crafting
least-privilege policies.
more »
Security of HPC Systems: From a Log-analyzing Perspective
Appears in:
sesa 19(21): e5

Authors:
Zhengping Luo, Zhe Qu, Tung Thanh Nguyen, Hui Zeng, Zhuo Lu

Published:
1st Aug 2019

Abstract:
High Performance Computing (HPC) systems mainly focused on how to improve performances of the computing. It has competitive processing capacity both in terms of calculation speed and available memory. HPC infrastructures are valuable computing resources that need to be carefully guarded and avoid…High Performance Computing (HPC) systems mainly focused on how to improve performances of the
computing. It has competitive processing capacity both in terms of calculation speed and available memory.
HPC infrastructures are valuable computing resources that need to be carefully guarded and avoid being
maliciously used. Thus, vulnerabilities are quintessential issues in HPC systems due to most of jobs and
resources run or stored usually are sensitive and high-profit information. In this survey, we comprehensively
review securities of HPC systems from a log-analyzing perspective, including well-known attacks and widely
used defenses, especially intruder detection methods. We found that log files are used for the security purposes
much less than what we expected. How to use all the available log files comprehensively and employ state-ofthe-art intrusion techniques to improve the robustness of HPC systems still lies for future research.
more »
Do Metadata-based Deleted-File-Recovery (DFR) Tools Meet NIST Guidelines?
Appears in:
sesa 19(21): e4

Authors:
Andrew Meyer, Sankardas Roy

Published:
1st Aug 2019

Abstract:
Digital forensics (DF) tools are used for post-mortem investigation of cyber-crimes. CFTT (Computer Forensics Tool Testing) Program at National Institute of Standards and Technology (NIST) has defined expectations for a DF tool’s behavior. Understanding these expectations and how DF tools work is…Digital forensics (DF) tools are used for post-mortem investigation of cyber-crimes. CFTT (Computer Forensics
Tool Testing) Program at National Institute of Standards and Technology (NIST) has defined expectations for a
DF tool’s behavior. Understanding these expectations and how DF tools work is critical for ensuring integrity
of the forensic analysis results. In this paper, we consider standardization of one class of DF tools which are
for Deleted File Recovery (DFR). We design a list of canonical test file system images to evaluate a DFR tool.
Via extensive experiments we find that many popular DFR tools do not satisfy some of the standards, and we
compile a comparative analysis of these tools, which could help the user choose the right tool. Furthermore,
one of our research questions identifies the factors which make a DFR tool fail. Moreover, we also provide
critique on applicability of the standards. Our findings is likely to trigger more research on compliance of
standards from the researcher community as well as the practitioners.
more »
Applying Machine Learning Techniques to Understand User Behaviors When Phishing Attacks Occur
Appears in:
sesa 19(21): e3

Authors:
Yi Li, Kaiqi Xiong, Xiangyang Li

Published:
1st Aug 2019

Abstract:
Emails have been widely used in our daily life. It is important to understand user behaviors regarding email security situation assessments. However, there are very challenging and limited studies on email user behaviors. To study user security-related behaviors, we design and investigate an emai…Emails have been widely used in our daily life. It is important to understand user behaviors regarding
email security situation assessments. However, there are very challenging and limited studies on email user
behaviors. To study user security-related behaviors, we design and investigate an email test platform to
understand how users behave differently when they read emails, some of which are phishing. Specifically,
we conduct two experimental studies, where participants take part in our experiments on site in a lab
contained environment and online through Amazon Mechanical Turk that are referred to on-site study and
online study, respectively. In the two experimental studies, we design questionnaires for the two studies and
use a set of emails including phishing emails from the real world with some necessary modifications for
personal information protection. Furthermore, we develop necessary software tools to collect experimental
data include participants’ basic background information, time measurement, mouse movement, and their
answers to survey questions. Based on the collected data, we investigate what factors, such as intervention,
phishing types, and an incentive mechanism, play a key role in user behaviors when phishing attacks occur.
The difficulty of such investigation is due to the qualitative analysis of user behaviors and the limited number
of data in the on-site study. For these reasons, we develop an approach to quantify user behavior metrics
and reduce the number of user attributes by evaluating the significance of each attribute and analyzing
the correlation of attributes. Moreover, we propose a machine learning framework, which contains attribute
reduction, to find a critical point that classifies the performance of a participant into either ‘good’ or ‘bad’
through 10-fold cross-validation with randomly selected attributes cross-validation models. The proposed
machine learning model can be used to predict the performance of a user based on the user profile. Our data
analysis shows that intervention and an incentive mechanism play a significant role while phishing type I is
more harmful to users compared to the other two types. The findings of this research can be used to help a
user identify a phishing attack and prevent the user from being a victim of such an attack.
more »
Attacker Capability based Dynamic Deception Model for Large-Scale Networks
Appears in:
sesa 19(21): e2

Authors:
Md Ali Reza Al Amin, Sachin Shetty, Laurent Njilla, Deepak K. Tosh, Charles Kamouha

Published:
1st Aug 2019

Abstract:
In modern days, cyber networks need continuous monitoring to keep the network secure and available to legitimate users. Cyber attackers use reconnaissance mission to collect critical network information and using that information, they make an advanced level cyber-attack plan. To thwart the recon…In modern days, cyber networks need continuous monitoring to keep the network secure and available to legitimate users.
Cyber attackers use reconnaissance mission to collect critical network information and using that information, they make an
advanced level cyber-attack plan. To thwart the reconnaissance mission and counterattack plan, the cyber defender needs to
come up with a state-of-the-art cyber defense strategy. In this paper, we model a dynamic deception system (DDS) which
will not only thwart reconnaissance mission but also steer the attacker towards fake network to achieve a fake goal state. In
our model, we also capture the attacker’s capability using a belief matrix which is a joint probability distribution over the
security states and attacker types. Experiments conducted on the prototype implementation of our DDS confirm that the
defender can make the decision whether to spend more resources or save resources based on attacker types and thwart
reconnaissance mission.
more »
Human-Generated and Machine-Generated Ratings of Password Strength: What Do Users Trust More?
Appears in:
sesa 19(21): e1

Authors:
Saeed Ibrahim Alqahtani, Shujun Li, Haiyue Yuan, Patrice Rusconi

Published:
1st Aug 2019

Abstract:
Proactive password checkers have been widely used to persuade users to select stronger passwords by providing machine-generated strength ratings of passwords. If such ratings do not match human-generated ratings of human users, there can be a loss of trust in PPCs. In order to study the effective…Proactive password checkers have been widely used to persuade users to select stronger passwords by
providing machine-generated strength ratings of passwords. If such ratings do not match human-generated
ratings of human users, there can be a loss of trust in PPCs. In order to study the effectiveness of PPCs, it
would be useful to investigate how human users perceive such machine- and human-generated ratings in
terms of their trust, which has been rarely studied in the literature. To fill this gap, we report a large-scale
crowdsourcing study with over 1,000 workers. The participants were asked to choose which of the two ratings
they trusted more. The passwords were selected based on a survey of over 100 human password experts. The
results revealed that participants exhibited four distinct behavioral patterns when the passwords were hidden,
and many changed their behaviors significantly after the passwords were disclosed, suggesting their reported
trust was influenced by their own judgments.
more »

A Deep Learning Approach for Network Intrusion Detection System
Appears in:
sesa 16(9): e2

Authors:
Ahmad Javaid, Quamar Niyaz, Weiqing Sun, Mansoor Alam

Downloads:
7003

Abstract:
A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in their organizations. However, many challenges arise while developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for…A Network Intrusion Detection System (NIDS) helps system administrators to detect network security breaches in
their organizations. However, many challenges arise while
developing a flexible and efficient NIDS for unforeseen and unpredictable attacks. We propose a deep learning based approach for developing such an efficient and flexible NIDS.
We use Self-taught Learning (STL), a deep learning based technique, on NSL-KDD - a benchmark dataset for network
intrusion. We present the performance of our approach and compare it with a few previous work. Compared metrics include accuracy, precision, recall, and f-measure values.
more »
Mouse Underlaying: Global Key and Mouse Listener Based on an Almost Invisible Window with Local Listeners and Sophisticated Focus
Appears in:
sesa 18(15): e5

Author:
Tim Niklas Witte

Downloads:
5103

Abstract:
Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection tech…Keyloggers are serious threats for computer users both private and commercial. If an attacker is capable of installing this malware on the victim’s machine then he or she is able to monitor keystrokes of a user. This keylog contains login information. As a consequence, protection and detection techniques against keyloggers become increasingly better. This article presents the method of Mouse Underlaying for creating a new kind of software based keyloggers. This method is implemented in Java for testing countermeasures concerning keylogger protection, virtual keyboard, signatures and behavior detection by anti-virus programs. Products of various manufacturers are used for demonstration purposes. All of them failed without an exception. In addition, the reasons why these products failed are analyzed, and moreover, measures against Mouse Underlaying are developed based on the demonstration results.
more »
Threats, Countermeasures and Attribution of Cyber Attacks on Critical Infrastructures
Appears in:
sesa 18(16): e1

Authors:
Leandros Maglaras, Mohamed Amine Ferrag, Abdelouahid Derhab, Mithun Mukherjee, Helge Janicke, Stylianos Rallis

Downloads:
3199

Abstract:
As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a signiﬁcant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threat…As Critical National Infrastructures are becoming more vulnerable to cyber attacks, their protection becomes a signiﬁcant issue for any organization as well as a nation. Moreover, the ability to attribute is a vital element of avoiding impunity in cyberspace. In this article, we present main threats to critical infrastructures along with protective measures that one nation can take, and which are classiﬁed according to legal, technical, organizational, capacity building, and cooperation aspects. Finally we provide an overview of current methods and practices regarding cyber attribution and cyber peace keeping.
more »
Reviewing the book “Principles of Cyber-physical Systems” from a security perspective
Appears in:
sesa 15(4): e6

Authors:
Minghui Zhu, Peng Liu

Downloads:
1505

Abstract:
This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.This is a review of the book “Principles of Cyber-physical Systems” authored by Rajeev Alur and published by the MIT Press at 2015.
more »
A V2X Message Evaluation Methodology and Cross-Domain Modelling of Safety Applications in V2X-enabled E/E-Architectures
Appears in:
sesa 16(8): e1

Authors:
Harald Bucher, Marius-Florin Buciuman, Alexander Klimm, Oliver Sander, Jürgen Becker

Downloads:
1271

Abstract:
The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons)…The introduction of Vehicular Ad-Hoc Networks (VANETs) enables great potential for improving road traffic flow and especially active safety applications such as cooperative adaptive cruise control (CACC). Such applications not only rely on continuous broadcast of vehicle state information (beacons) of all vehicles, but also have strict real-time requirements. Regarding automotive E/E architectures this continuous broadcasting adds heavy internal E/E data traffic that needs to be processed in real-time by Electronic Control Units (ECUs).
In this work we address this issue by proposing a novel cluster-based message evaluation methodology to significantly reduce internal E/E network traffic by discarding irrelevant messages. The approach is only depending on information received over beacons. It combines a vehicle clustering strategy as well as network and vehicle state monitoring capabilities in order to correctly evaluate messages under real-time constraints. The proposed methodology is modeled inside an abstract ECU. It is evaluated by simulating a model-based CACC application under different traffic scenarios. It is shown that a significant reduction of messages is achievable, while still guaranteeing accident-free behavior of CACC.
more »
WG-8: A Lightweight Stream Cipher for Resource-Constrained Smart Devices
Appears in:
sesa 15(3): e4

Authors:
Xinxin Fan, Kalikinkar Mandal, Guang Gong

Downloads:
1181

Abstract:
Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags, smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-c…Lightweight cryptographic primitives are essential for securing pervasive embedded devices like RFID tags,
smart cards, and wireless sensor nodes. In this paper, we present a lightweight stream cipher WG-8, which is
tailored from the well-known Welch-Gong (WG) stream cipher family, for resource-constrained devices. WG-8
inherits the good randomness and cryptographic properties of the WG stream cipher family and is resistant to
the most common attacks against stream ciphers. The software implementations of the WG-8 stream cipher on
two popular low-power microcontrollers as well as the extensive comparison with other lightweight cryptography
implementations highlight that in the context of securing lightweight embedded applications WG-8 has favorable
performance and low energy consumption.
more »
A Deep Learning Based DDoS Detection System in Software-Defined Networking (SDN)
Appears in:
sesa 17(12): e2

Authors:
Quamar Niyaz, Weiqing Sun, Ahmad Y. Javaid

Downloads:
1150

Abstract:
Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged softwar…Distributed Denial of Service (DDoS) is one of the most prevalent attacks that an organizational network infrastructure comes across nowadays. Poor network management, low-priced Internet subscriptions, and readily available attack tools can be attributed to their rise. The recently emerged software-defined networking (SDN) and deep learning (DL) concepts promise to revolutionize their respective domains. SDN keeps the global view of the entire managed the network from a single point, i.e., the controller, thus making the network management easier. DL-based approaches improve feature extraction/reduction from a high-dimensional dataset such as network traffic headers. This work proposes a deep learning based multi-vector DDoS detection system in an SDN environment. The detection system is implemented as a network application on top of the SDN controller and can monitor the managed network traÿc. Performance evaluation is based on different metrics by applying the system on traÿc traces collected from different scenarios. A high accuracy with low false-positive rate is observed in attack detection for the proposed system.
more »
ITFComp: A Compression Algorithm for ARM Architecture Instruction Trace Files
Appears in:
sesa 16(8): e2

Authors:
Mohammad Qasem, Lukas Pustina

Downloads:
1093

Abstract:
Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input …Testing the performance of a new computational component is costly due to the need of prototyping different setups. Therefore, trace driven hardware simulations are used. Instruction Trace Files (ITFs) are files containing traces of executed instructions in a program's run and are used as an input for hardware simulations. ITFs tend to be large in size, causing a storage challenge. Many trace reduction techniques exist to deal with the ITFs' storage challenge. In this paper we introduce ITFComp, a compression algorithm that combines general purpose compression methods with knowledge about ARM architecture ITFs' structure to reduce their size. ITFComp also works on compressing data memory addresses accessed by instructions within ITFs to further reduce an ITF size. Results show a reduction of 600 times on average when combined with LZMA compression algorithm. This reduction is 4 times better than when using LZMA alone, and 10 times better than when using DEFLATE. ITFComp introduces a negligible overhead in the decompression time (less than 1%).
more »
Evaluation of Cryptography Usage in Android Applications
Appears in:
sesa 16(9): e4

Authors:
Alexia Chatzikonstantinou, Christoforos Ntantogian, Georgios Karopoulos, Christos Xenakis

Downloads:
1054

Abstract:
Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we d…Mobile application developers are using cryptography in their products to protect sensitive data like passwords, short messages, documents etc. In this paper, we study whether cryptography and related techniques are employed in a proper way, in order to protect these private data. To this end, we downloaded 49 Android applications from the Google Play marketplace and performed static and dynamic analysis in an attempt to detect possible cryptographic misuses. The results showed that 87.8% of the applications present some kind of misuse, while for the rest of them no cryptography usage was detected during the analysis. Finally, we suggest countermeasures, mainly intended for developers, to alleviate the issues identified by the analysis.
more »
Threat Modeling for Cloud Infrastructures
Appears in:
sesa 18(17): e5

Authors:
Nawaf Alhebaishi, Lingyu Wang, Anoop Singhal

Downloads:
982

Abstract:
Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its ﬂexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastruc…Today’s businesses are increasingly relying on the cloud as an alternative IT solution due to its ﬂexibility and lower cost. Compared to traditional enterprise networks, a cloud infrastructure is typically much larger and more complex. Understanding the potential security threats in such infrastructures is naturally more challenging than in traditional networks. This is evidenced by the fact that there are limited eﬀorts on threat modeling for cloud infrastructures. In this paper, we conduct comprehensive threat modeling exercises based on two representative cloud infrastructures using several popular threat modeling methods, including attack surface, attack trees, attack graphs, and security metrics based on attack trees and attack graphs, respectively. Those threat modeling eﬀorts may provide cloud providers useful lessons toward better understanding and improving the security of their cloud infrastructures. In addition, we show how hardening solution can be applied based on the threat models and security metrics through extended exercises. Such results may not only beneﬁt the cloud provider but also embed more conﬁdence in cloud tenants by providing them a clearer picture of the potential threats and mitigation solutions.
more »

Publisher: EAI
ISSN: 2032-9393
Number of Volumes: 6

Last Published: 2020-05-18 13:15:35 UTC

EAI Endorsed Transactions on Security and Safety

Sencun Zhu1

David Mohaisen2

Sencun Zhu¹

David Mohaisen²