-
Strategic cybersecurity Comput. Secur. (IF 5.6) Pub Date : 2024-04-16 Saleh AlDaajeh, Saed Alrabaee
In the contemporary ever-evolving digital landscape, the paramount importance of fortifying national cybersecurity for safeguarding national security is unequivocal. Cybersecurity stands as a critically strategic field, demanding in-depth strategic planning. This research delves into the complexities of cybersecurity strategy, evaluation, and its myriad challenges, moving beyond conventional methodologies
-
GHGDroid: Global heterogeneous graph-based android malware detection Comput. Secur. (IF 5.6) Pub Date : 2024-04-09 Lina Shen, Mengqi Fang, Jian Xu
-
A logging maturity and decision model for the selection of intrusion detection cyber security solutions Comput. Secur. (IF 5.6) Pub Date : 2024-04-09 Manuel Kern, Max Landauer, Florian Skopik, Edgar Weippl
Many modern cyber attack techniques cannot be prevented. Logging and monitoring, however, offer a means to at least detect these techniques early, and therefore become increasingly important for defense. Many companies are unfortunately reluctant to invest more in cyber security logging and monitoring or hire additional security staff to operate detective solutions. There is a need for a methodology
-
PhishingRTDS: A real-time detection system for phishing attacks using a Deep Learning model Comput. Secur. (IF 5.6) Pub Date : 2024-04-05 Sultan Asiri, Yang Xiao, Saleh Alzahrani, Tieshan Li
In recent years, phishing attacks have become more intelligent and more challenging to detect using typical phishing methods. Moreover, attackers have leveraged some web development techniques to increase the website's legitimacy in victims' eyes, such as using JFrame to design a window that looks like a browser inside the webpage. In this paper, we design a system that detects three types of phishing
-
Revealing the realities of cybercrime in small and medium enterprises: Understanding fear and taxonomic perspectives Comput. Secur. (IF 5.6) Pub Date : 2024-04-05 Marta F. Arroyabe, Carlos F.A. Arranz, Ignacio Fernandez De Arroyabe, Juan Carlos Fernandez de Arroyabe
-
Explainability in AI-based behavioral malware detection systems Comput. Secur. (IF 5.6) Pub Date : 2024-04-05 Antonio Galli, Valerio La Gatta, Vincenzo Moscato, Marco Postiglione, Giancarlo Sperlì
Nowadays, our security and privacy are strongly threatened by programs which aim to steal our confidential data and make our systems out of service, among other things. While traditional signature-based malware detection methods or statistical analysis have proven to be ineffective and time-consuming, recently data-driven (AI) techniques, i.e. (ML) and (DL) approaches, have been successfully applied
-
Defend against adversarial attacks in malware detection through attack space management Comput. Secur. (IF 5.6) Pub Date : 2024-04-04 Liang Liu, Xinyu Kuang, Lin Liu, Lei Zhang
In recent years, the application of machine learning techniques based on byte sequences in malware detection has become a prominent research area. However, relevant studies have shown that machine learning methods are susceptible to adversarial examples, and the use of byte sequences provides attackers with a convenient avenue for manipulation. Current research efforts primarily focus on data augmentation
-
TTSAD: TCN-Transformer-SVDD Model for Anomaly Detection in air traffic ADS-B data Comput. Secur. (IF 5.6) Pub Date : 2024-03-31 Peng Luo, Buhong Wang, Jiwei Tian
ADS-B (Automatic Dependent Surveillance-Broadcast) is a key technology in the new generation air traffic surveillance system. However, it is vulnerable to various cyber attacks because it broadcasts data in plaintext format and lacks authentication mechanism. Previous research has rarely considered the application scenarios of ATM (Air Traffic Management) in commercial air transport, and there are
-
AttackNet: Enhancing biometric security via tailored convolutional neural network architectures for liveness detection Comput. Secur. (IF 5.6) Pub Date : 2024-03-29 Oleksandr Kuznetsov, Dmytro Zakharov, Emanuele Frontoni, Andrea Maranesi
Biometric security is the cornerstone of modern identity verification and authentication systems, where the integrity and reliability of biometric samples is of paramount importance. This paper introduces , a bespoke Convolutional Neural Network architecture, meticulously designed to combat spoofing threats in biometric systems. Rooted in deep learning methodologies, this model offers a layered defense
-
Multivocal literature review on zero-trust security implementation Comput. Secur. (IF 5.6) Pub Date : 2024-03-29 Cornelius Itodo, Murat Ozer
The sudden shift from physical office location to a fully remote or hybrid work model, accelerated by the COVID-19 pandemic, is a phenomenon that changed how organizations traditionally operated and thereby introduced new vulnerabilities and consequently changed the cyber threat landscape. This has led organizations around the globe to seek new approaches to protect their enterprise network. One such
-
ADT: Time series anomaly detection for cyber-physical systems via deep reinforcement learning Comput. Secur. (IF 5.6) Pub Date : 2024-03-28 Xue Yang, Enda Howley, Michael Schukat
Cyber-physical systems (CPS) play a vital role in modern society across various sectors, ranging from smart grid to water treatment, and their security has become one of the major concerns. Due to the significantly growing complexity and scale of CPS and cyber-attacks, it is imperative to develop defense and prevention strategies specifically for CPS that are adaptive, scalable, and robust. An important
-
KnowCTI: Knowledge-based cyber threat intelligence entity and relation extraction Comput. Secur. (IF 5.6) Pub Date : 2024-03-28 Gaosheng Wang, Peipei Liu, Jintao Huang, Haoyu Bin, Xi Wang, Hongsong Zhu
Structured cyber threat intelligence enables security researchers to know the occurrence of cyber threats in time, thereby improving the efficiency of security defense and analysis. Previous works usually use general deep learning and NLP techniques to extract intelligence. Such methods suffer from insufficient semantic understanding in the field of security. To address these issues, we propose a novel
-
Optimized verifiable delegated private set intersection on outsourced private datasets Comput. Secur. (IF 5.6) Pub Date : 2024-03-28 Guangshang Jiang, Hanlin Zhang, Jie Lin, Fanyu Kong, Leyun Yu
Private Set Intersection (PSI) has been applied in various fields, such as human genome research, advertising conversion rate analysis, etc. Traditional PSI has the drawback of requiring local devices to be constantly online and needing high storage capacity of the devices. To overcome these issues, many researchers have focused on delegating PSI computation to cloud servers. However, third-party clouds
-
Hunter: Tracing anycast communications to uncover cross-border personal data transfers Comput. Secur. (IF 5.6) Pub Date : 2024-03-27 Hugo Pascual, Jose M. del Alamo, David Rodriguez, Juan C. Dueñas
Cross-border personal data transfers are heavily regulated worldwide, with data protection authorities imposing huge fines on organizations that fail to meet their strict compliance requirements. However, network-level optimizations such as anycast addresses were not designed with personal data in mind, and their use may unwittingly divert personal data out of a legal boundary. This paper describes
-
Class imbalance and concept drift invariant online botnet threat detection framework for heterogeneous IoT edge Comput. Secur. (IF 5.6) Pub Date : 2024-03-25 Nitish A, Hanumanthappa J, S.P. Shiva Prakash, Kirill Krinkin
Heterogeneous networks (HetIoT) of high-capacity and resource-constrained IoT devices and their edge associations for on-device distributed critical workloads—called the —attract short-burst, botnet-based zero-day attacks that exploit latent vulnerabilities due to heterogeneous device properties, dynamic operational contexts, and insufficient security scrutiny of the constituent proprietary devices
-
A survey on graph neural networks for intrusion detection systems: Methods, trends and challenges Comput. Secur. (IF 5.6) Pub Date : 2024-03-25 Meihui Zhong, Mingwei Lin, Chao Zhang, Zeshui Xu
Intrusion detection systems (IDS) play a crucial role in maintaining network security. With the increasing sophistication of cyber attack methods, traditional detection approaches are encountering more challenges. In recent years, graph neural networks (GNNs) have garnered significant attention in the field of intrusion detection due to their unique ability to capture the relationships within the graph
-
It's too late if exfiltrate: Early stage Android ransomware detection Comput. Secur. (IF 5.6) Pub Date : 2024-03-24 Narendra Singh, Somanath Tripathy
Ransomware attacks disrupt and disable systems, demanding a ransom from the victim to restore functionality. Most of the state-of-the-art approaches focus on analyzing their behaviour at the post-infection stage to identify ransomware, and therefore fail to detect it at the early stage. This work proposes a ransomware detection mechanism named , to identify the threat at the pre-operational stage in Android
-
BFS2Adv: Black-box adversarial attack towards hard-to-attack short texts Comput. Secur. (IF 5.6) Pub Date : 2024-03-24 Xu Han, Qiang Li, Hongbo Cao, Lei Han, Bin Wang, Xuhua Bao, Yufei Han, Wei Wang
The advent of Machine Learning as a Service (MLaaS) and deep learning applications has increased the susceptibility of models to adversarial textual attacks, particularly in black-box settings. Prior work on black-box adversarial textual attacks generally follows a stable strategy that involves leveraging char-level, word-level, and sentence-level perturbations, as well as using queries to the target
-
An efficient deep learning mechanisms for IoT/Non-IoT devices classification and attack detection in SDN-enabled smart environment Comput. Secur. (IF 5.6) Pub Date : 2024-03-20 P. Malini, Dr. K.R. Kavitha
In recent years, the development of Internet of Things (IoT) applications has increased, resulting in higher demands for sufficient bandwidth, data rates, latency, and quality of service (QoS). In advanced communications, managing network resources for allocating IoT services and identifying the exact IoT devices connected to a network is a major concern. The existing studies have introduced various
-
MRC-VulLoc: Software source code vulnerability localization based on multi-choice reading comprehension Comput. Secur. (IF 5.6) Pub Date : 2024-03-19 Gaigai Tang, Lin Yang, Long Zhang, Hongyu Kuang, Huiqiang Wang
Recently, automatic vulnerability detection approaches based on machine learning (ML) have outperformed traditional rule-based approaches in terms of detection performance. Existing ML-based approaches typically concentrate on function or line granularity, which fail to realize accurate vulnerability localization and are insufficient to support effective root cause analysis of vulnerability. To address
-
Automated discovery and mapping ATT&CK tactics and techniques for unstructured cyber threat intelligence Comput. Secur. (IF 5.6) Pub Date : 2024-03-19 Lingzi Li, Cheng Huang, Junren Chen
As cyber attacks are growing, Cyber Threat Intelligence (CTI) enhances the ability of security systems to resist novel cyber threats. However, since most CTI is unstructured data written in natural language, it needs to be understood and summarized by security experts to be effectively utilized. To address the problem, we adopt the ATT&CK matrix as the taxonomy to propose a method for automated mapping
-
NCMFuzzer: Using non-critical field mutation and test case combination to improve the efficiency of ICS protocol fuzzing Comput. Secur. (IF 5.6) Pub Date : 2024-03-16 Hanxiao Wanyan, Yingxu Lai, Jing Liu, Hao Chen
Industrial control systems (ICSs) have many vulnerabilities owing to the lack of protective measures. Once exploited, such vulnerabilities can result in significant economic loss and security concerns because an ICS controls the entire production process. Although fuzzing is a prevalent technique for finding potential vulnerabilities, current approaches have the disadvantages of blind mutations and
-
XLMR4MD: New Vietnamese dataset and framework for detecting the consistency of description and permission in Android applications using large language models Comput. Secur. (IF 5.6) Pub Date : 2024-03-15 Qui Ngoc Nguyen, Nguyen Tan Cam, Kiet Van Nguyen
Google Play and other application marketplaces have various Android applications and metadata. Among these, description information and privacy policy help explain the application's functionality. They also describe the permission of the application, especially those related to sensitive information. Detecting the inconsistency between the description of the application and privacy information and
-
Optimism amid risk: How non-IT employees’ beliefs affect cybersecurity behavior Comput. Secur. (IF 5.6) Pub Date : 2024-03-13 Jimoh G. Fatoki, Zixing Shen, Carlo A. Mora-Monge
This study delves into the interplay between personal dispositions and cybersecurity behaviors within organizational settings. It investigates how optimism bias influences attitudes toward cybersecurity and subsequently affects cybersecurity behavior. Additionally, it examines the moderating role of information security awareness in shaping the relationship between attitude and risky cybersecurity
-
LogPrécis: Unleashing language models for automated malicious log analysis: Précis: A concise summary of essential points, statements, or facts Comput. Secur. (IF 5.6) Pub Date : 2024-03-13 Matteo Boffa, Idilio Drago, Marco Mellia, Luca Vassio, Danilo Giordano, Rodolfo Valentim, Zied Ben Houidi
Security logs are the key to understanding attacks and diagnosing vulnerabilities. Often coming in the form of text logs, their analysis remains a daunting challenge. Language Models (LMs) have demonstrated unmatched potential in understanding natural and programming languages. The question arises as to whether and how LMs could be also used to automatise the analysis of security logs. We here systematically
-
Semi-supervised log anomaly detection based on bidirectional temporal convolution network Comput. Secur. (IF 5.6) Pub Date : 2024-03-13 Zhichao Yin, Xian Kong, Chunyong Yin
System logs record system operation status and important event information. They are the important basis for debugging system failures and cause analysis. Due to the low accuracy of log parsing and insufficient labeled samples, anomaly detection precision is low. Therefore, we propose a new log-based semi-supervised anomaly detection method named BTCNLog. Firstly, the improved log parsing method with
-
DROPSYS: Detection of ROP attacks using system information Comput. Secur. (IF 5.6) Pub Date : 2024-03-13 Seon Kwon Kim, Hongjoo Jin, Kyungho Joo, Jiwon Lee, Dong Hoon Lee
As modern return-oriented programming (ROP) attacks have become more sophisticated, preventing or detecting these attacks is essential for real-world exploit defense. As an alternative to many defense techniques of ROP attacks that require software modification and hardware assistance, researchers have proposed ROP defense techniques using hardware performance counters (HPCs) to mitigate concerns about
-
SNDMI: Spyware network traffic detection method based on inducement operations Comput. Secur. (IF 5.6) Pub Date : 2024-03-13 Jiaxin Peng, Chun Guo, Yuan Ping, Yunhe Cui, Yi Chen, Guowei Shen
Spyware is a type of malware widely used by attackers to steal confidential information from users without their knowledge. It has the characteristics of high latency, high stealth, and high threat. Spyware typically uses trigger-based tactics to implement its malicious behavior, making it a challenge for traditional host-based detection methods and traditional network traffic-based detection methods
-
MitM attacks on intellectual property and integrity of additive manufacturing systems: A security analysis Comput. Secur. (IF 5.6) Pub Date : 2024-03-12 Hamza Alkofahi, Heba Alawneh, Anthony Skjellum
Additive Manufacturing (AM) was originally invented to reduce the cost of the prototyping process. Over time, the technology evolved to be faster, more accurate, and affordable. These factors, in addition to the potential use of AM in parts production, have helped rapidly drive the growth of AM in both industrial and personal uses. Thus, there is an accompanying demand to understand the cybersecurity
-
GSEDroid: GNN-based Android malware detection framework using lightweight semantic embedding Comput. Secur. (IF 5.6) Pub Date : 2024-03-12 Jintao Gu, Hongliang Zhu, Zewei Han, Xiangyu Li, Jianjin Zhao
Currently, the prevalence of Android malware remains substantial. Malicious programs increasingly use advanced obfuscation techniques, posing challenges for security professionals with enhanced disguises, a proliferation of variants, and escalating detection difficulty. Leveraging semantic features presents a promising avenue to address these challenges. Rich semantic information encapsulated within
-
ChatGPT or Bard: Who is a better Certified Ethical Hacker? Comput. Secur. (IF 5.6) Pub Date : 2024-03-09 Raghu Raman, Prasad Calyam, Krishnashree Achuthan
In this study, we compare two leading Generative AI (GAI) tools, ChatGPT and Bard, specifically in Cybersecurity, using a robust set of standardized questions from a validated Certified Ethical Hacking (CEH) dataset. In the rapidly evolving domain of Generative AI (GAI) and large language models (LLM), a comparative analysis of tools becomes essential to measure their performance. We determine the
-
An anomaly behavior characterization method of network traffic based on Spatial Pyramid Pool (SPP) Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Tao Yi, Xingshu Chen, Qindong Li, Yi Zhu
-
BopSkyline: Boosting privacy-preserving skyline query service in the cloud Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Weibo Wang, Yifeng Zheng, Songlei Wang, Zhongyun Hua, Lei Xu, Yansong Gao
With the widespread adoption of cloud computing, there has been great popularity of storing and querying databases in the cloud. However, such service outsourcing also entails critical data privacy concerns, as the cloud providers are generally not in the same trust domain as the data owners/users and could even suffer from data breaches. In this paper, different from most existing works that propose
-
Python source code vulnerability detection with named entity recognition Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Melanie Ehrenberg, Shahram Sarkani, Thomas A. Mazzuchi
Vulnerabilities within source code have grown over the last 20 years to become a common threat to systems and networks. As the implementation of open-source software continues to develop, more unknown vulnerabilities will exist throughout system networks. This research proposes an enhanced vulnerability detection method specific to Python source code that utilizes pre-trained, BERT-based transformer
-
A review on client-server attacks and defenses in federated learning Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Anee Sharma, Ningrinla Marchang
Federated Learning (FL) offers decentralized machine learning (ML) capabilities while potentially safeguarding data privacy. However, this architecture introduces unique security challenges. This paper presents a comprehensive survey of these challenges, categorizing attacks based on their targets: client-side training data, local models, FL channel, server-side aggregated parameters, and global models
-
SCFI: Efficient forward fine-grained control flow integrity based on coarse-grained ISA extensions Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Cairui She, Jinfeng Li, Liwei Chen, Gang Shi
Code reuse attack (CRA) is a severe threat to computer systems. To mitigate this threat, control-flow integrity (CFI) was proposed to restrict control-flow transfers. Processor vendors developed Instruction Set Architecture (ISA) extensions to enforce forward CFI on processors, such as Indirect Branch Tracking (IBT) developed by Intel and Branch Target Identification (BTI) developed by ARM. However
-
Securing SatCom user segment: A study on cybersecurity challenges in view of IRIS² Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Francesco Casaril, Letterio Galletta
The advancement in communications technologies and recent geopolitical events highlighted the need for fast and reliable satellite communications infrastructure for military and civil security operations. Starting from the case study of the Viasat cyberattack in February 2022, this paper analyzes the common vulnerabilities of the ground and, in particular, user segments in infrastructures, focusing
-
NAISS: A reverse proxy approach to mitigate MageCart's e-skimmers in e-commerce Comput. Secur. (IF 5.6) Pub Date : 2024-03-08 Adrian-Cătălin Rus, Mohammed El-Hajj, Dipti Kapoor Sarmah
The rise of payment details theft has led to increasing concerns regarding the security of e-commerce platforms. For the MageCart threat family, the attacks employ e-skimmers, which are pieces of software code that instruct clients to forward payment details to an attacker-controlled server. They can be injected into hosting providers' servers as HTML tags such as , , and . By leveraging image steganography
-
TOMSAC - Methodology for trade-off management between automotive safety and cyber security Comput. Secur. (IF 5.6) Pub Date : 2024-03-07 Giedre Sabaliauskaite, Jeremy Bryans, Hesamaldin Jadidbonab, Farhan Ahmad, Siraj Shaikh, Paul Wooderson
Safety and security interdependencies have been of interest for researchers for several decades. However, in practice, they are not given the necessary consideration yet due to various reasons, such as lack of understanding and reluctance to change current practices. This research is aimed at advancing the state of the art in this area by developing a practical, easy to adapt and to use methodology
-
WF3A: A N-shot website fingerprinting with effective fusion feature attention Comput. Secur. (IF 5.6) Pub Date : 2024-03-04 Zhiquan Wang, Tengyao Li, Meijuan Yin, Xiaoyun Yuan, Xiangyang Luo, Lingling Li
Tor anonymity communication system provides privacy to users while also allowing sensitive users to access illegal websites. Website fingerprinting (WF) attack is a technique employed to identify websites visited by users, serving as a crucial tool for effectively recognizing user access to illegal online content. However, the majority of existing WF methods heavily rely on extensive training data
-
User-empowered secure privacy-preserving authentication scheme for Digital Twin Comput. Secur. (IF 5.6) Pub Date : 2024-03-04 Chintan Patel, Aryan Pasikhani, Prosanta Gope, John Clark
Digital Twin (DT) is a revolutionary technology changing how a smart manufacturing industry carries out its day-to-day activities. DT can provide numerous advantages such as real-time synchronised functioning, monitoring and data analysis. However, security and privacy issues in DT have not been thoroughly investigated. This article proposes a user-empowerment-based privacy-preserving authentication
-
Ethical principles shaping values-based cybersecurity decision-making Comput. Secur. (IF 5.6) Pub Date : 2024-03-02 Joseph Fenech, Deborah Richards, Paul Formosa
-
Examining the inconsistent effect of privacy control on privacy concerns in e-commerce services: The moderating role of privacy experience and risk propensity Comput. Secur. (IF 5.6) Pub Date : 2024-03-02 Shouzheng Tao, Yezheng Liu, Chunhua Sun
Consumer privacy protection has become an important issue and challenge in the development of e-commerce, and consumers' concerns for privacy may lead to negative user experiences and make them more cautious about disclosing personal information. As one of the widely adopted privacy concerns inhibiting approaches, the accumulated information privacy literature indicated that providing privacy controls
-
A comprehensive survey on cyber deception techniques to improve honeypot performance Comput. Secur. (IF 5.6) Pub Date : 2024-03-01 Amir Javadpour, Forough Ja'fari, Tarik Taleb, Mohammad Shojafar, Chafika Benzaïd
Honeypot technologies are becoming increasingly popular in cybersecurity as they offer valuable insights into adversary behavior with a low rate of false detections. By diverting the attention of potential attackers and siphoning off their resources, honeypots are a powerful tool for protecting critical assets within a network. However, the cybersecurity landscape constantly evolves, and professional
-
DawnGNN: Documentation augmented windows malware detection using graph neural network Comput. Secur. (IF 5.6) Pub Date : 2024-02-29 Pengbin Feng, Le Gai, Li Yang, Qin Wang, Teng Li, Ning Xi, Jianfeng Ma
Application Program Interface (API) calls are widely used in dynamic Windows malware analysis to characterize the run-time behavior of malware. Researchers have proposed various approaches to mine semantic information from API calls to improve the performance of malware analysis. However, with increasingly sophisticated malware, the exploration of new semantic dimensions for API calls is never-ending
-
Model-agnostic adversarial example detection via high-frequency amplification Comput. Secur. (IF 5.6) Pub Date : 2024-02-29 Qiao Li, Jing Chen, Kun He, Zijun Zhang, Ruiying Du, Jisi She, Xinxin Wang
Image classification based on Deep Neural Networks (DNNs) is vulnerable to adversarial examples, which make the classifier output incorrect predictions. One approach to defending against this attack is to detect whether the input is an adversarial example. Unfortunately, existing adversarial example detection methods heavily rely on the underlying classifier and may fail when the classifier is upgraded
-
A multi-type vulnerability detection framework with parallel perspective fusion and hierarchical feature enhancement Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Lingdi Kong, Senlin Luo, Limin Pan, Zhouting Wu, Xinshuai Li
A core problem of vulnerability detection is to detect multi-type vulnerabilities simultaneously by characterizing vulnerabilities of high diversity and complexity in real program source code. Current methods mainly adjust and compromise multiple code representations such as code sequence and code graph based on composite graph. However, sequential features extracted by graph are hardly sufficient
-
Exploring security and trust mechanisms in online social networks: An extensive review Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Gordhan Jethava, Udai Pratap Rao
The rise of Online Social Networks (OSNs) continues to surge in today's modern era. Millions of users are attracted to and join various OSNs and use them to perform various activities. People share a massive amount of personal information on OSNs, which has resulted in OSNs becoming a large pool of sensitive data. As OSNs contain a large amount of users' information, they attract malicious users as
-
RRIoT: Recurrent reinforcement learning for cyber threat detection on IoT devices Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Curtis Rookard, Anahita Khojandi
To address the recent worldwide proliferation of cybersecurity attacks across computing systems, especially internet-of-things devices, new robust and automated methods are needed to detect and mitigate the attacks in real time, ensuring the confidentiality, integrity, and availability of systems. Machine Learning (ML) techniques have shown promise in detecting some types of attacks. However, they
-
Defending novice user privacy: An evaluation of default web browser configurations Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Kristina Radivojevic, Nicholas Clark, Anna Klempay, Paul Brenner
Cyber novices often enter sensitive data into web browsers for routine activities such as online shopping and bill payments, making them targets for malicious entities, including cybercriminals and oppressive governments. The proliferation of online advertising technologies further exacerbates privacy concerns by exploiting user data for marketing or surveillance, frequently without explicit consent
-
Observational equivalence and security games: Enhancing the formal analysis of security protocols Comput. Secur. (IF 5.6) Pub Date : 2024-02-28 Liujia Cai, Guangying Cai, Siqi Lu, Guangsong Li, Yongjuan Wang
The formal analysis of security protocols uses abstract language to describe the security protocols, and current protocol descriptions sometimes overlook the security aspects related to cryptographic primitives. In this study, we integrate the security notions of cryptographic primitives with formal methods. Particularly, we use observational equivalence to create security games within the symbolic
-
A critical survey of the security and privacy aspects of the Aadhaar framework Comput. Secur. (IF 5.6) Pub Date : 2024-02-27 Debanjan Sadhya, Tanya Sahu
-
A task offloading approach based on risk assessment to mitigate edge DDoS attacks Comput. Secur. (IF 5.6) Pub Date : 2024-02-27 Haiou Huang, Bangyi Sun, Liang Hu
-
The anatomy of deception: Measuring technical and human factors of a large-scale phishing campaign Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Anargyros Chrysanthou, Yorgos Pantis, Constantinos Patsakis
In an era dominated by digital interactions, phishing campaigns have evolved to exploit not just technological vulnerabilities but also human traits. This study takes an unprecedented deep dive into large-scale phishing campaigns aimed at Meta's users, offering a dual perspective on the technical mechanics and human elements involved. Analysing data from over 25,000 victims worldwide, we highlight
-
can-train-and-test: A curated CAN dataset for automotive intrusion detection Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Brooke Lampe, Weizhi Meng
When it comes to in-vehicle networks (IVNs), the controller area network (CAN) bus dominates the market; automobiles manufactured and sold worldwide depend on the CAN bus for safety-critical communications between various components of the vehicle (e.g., the engine, the transmission, the steering column). Unfortunately, the CAN bus is inherently insecure; in fact, it completely lacks controls such
-
Enforcing security policies on interacting authentication systems Comput. Secur. (IF 5.6) Pub Date : 2024-02-23 Francesco Buccafurri, Vincenzo De Angelis, Sara Lazzaro, Andrea Pugliese
Security policies of authentication systems are a crucial factor in mitigating the risk of impersonation, which is often the first stage of advanced persistent threats. Online authentication systems may often interact with each other, due to various mechanisms, such as account recovery or federated authentication. This leads to an implicit extension of the security policies of an authentication system
-
M-RL: A mobility and impersonation-aware IDS for DDoS UDP flooding attacks in IoT-Fog networks Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Saeed Javanmardi, Meysam Ghahramani, Mohammad Shojafar, Mamoun Alazab, Antonio M. Caruso
The Internet of Things (IoT) has recently received a lot of attention from the information and communication technology community. It has turned out to be a crucial development for harnessing the incredible power of wireless media in the real world. The nature of IoT-Fog networks requires the use of defense techniques that are light and mobile-aware. The edge resources in such a distributed environment
-
PeerG: A P2P botnet detection method based on representation learning and graph contrastive learning Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Guangli Wu, Xingyue Wang, Jing Zhang
P2P botnets are distributed with complex topology and communication behavior, making them harder to detect and remove. Individuals or organizations can effectively detect P2P botnets by analyzing abnormal behaviors in network traffic. Existing works focus on extracting deterministic traffic interaction features, which are highly dependent on statistical features. Moreover, these methods are mainly
-
Intrusion detection method based on improved social network search algorithm Comput. Secur. (IF 5.6) Pub Date : 2024-02-22 Zhongjun Yang, Qi Wang, Xuejun Zong, Guogang Wang
The network security problem in today's world is becoming more and more prominent, and intrusion detection as a branch in the field of network security has been developed tremendously. At present, back propagation (BP) neural network is widely used in intrusion detection. However, its weights and thresholds are randomly initialized, so it falls into a local optimum after training. To solve this problem
-
Contextual feature representation for image-based insider threat classification Comput. Secur. (IF 5.6) Pub Date : 2024-02-21 Shu-Min Duan, Jian-Ting Yuan, Bo Wang
With the rapid development of technology, insider threat incidents frequently occur in organizations. Detecting insider threats is an essential task in network infrastructure security. In this paper, we design an attention module to extract contextual features and augment abnormal features to generate high-quality images representing user behavior. Then, we use pre-trained ResNet and multi-source feature