ICT Systems Security and Privacy Protection
34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019, Proceedings
Published on 17. June 2019
XI, 390 pages
978-3-030-22312-0 (ISBN)
Description
This book constitutes the refereed proceedings of the 34th IFIP TC 11 International Conference on Information Security and Privacy Protection, SEC 2019, held in Lisbon, Portugal, in June 2019.
The 26 revised full papers presented were carefully reviewed and selected from 76 submissions. The papers present novel research on theoretical and practical aspects of security and privacy protection in ICT systems. They are organized in topical sections on intrusion detection, access control, organizational and behavioral, crypto and encryption, and integrity.
The 26 revised full papers presented were carefully reviewed and selected from 76 submissions. The papers present novel research on theoretical and practical aspects of security and privacy protection in ICT systems. They are organized in topical sections on intrusion detection, access control, organizational and behavioral, crypto and encryption, and integrity.
More details
Series
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Target group
Professional and scholarly
Product notice
Reflowable
Illustrations
XI, 390 p. 157 illus., 47 illus. in color.
File size
15,80 MB
ISBN-13
978-3-030-22312-0 (9783030223120)
DOI
10.1007/978-3-030-22312-0
Schweitzer Classification
Other editions
Additional editions
Gurpreet Dhillon | Fredrik Karlsson | Karin Hedström
ICT Systems Security and Privacy Protection
34th IFIP TC 11 International Conference, SEC 2019, Lisbon, Portugal, June 25-27, 2019, Proceedings
Book
06/2019
Springer
€106.99
Shipment within 7-9 days
Content
- Intro
- Preface
- Organization
- Contents
- Intrusion Detection
- Hunting Brand Domain Forgery: A Scalable Classification for Homograph Attack
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Work
- 1.3 Roadmap
- 2 Backgrounds
- 2.1 Homograph Attacks
- 2.2 Visual Similarity Measure
- 2.3 Whois
- 3 Our Proposed Method
- 3.1 Data Collection
- 3.2 Data Labelling
- 3.3 Feature Extraction and Selection
- 3.4 Learning
- 4 Experiment
- 4.1 Parameters
- 4.2 Results
- 5 Empirical Analysis on Labelled Homographs in Case 2
- 6 Discussion
- 7 Conclusion
- References
- GanDef: A GAN Based Adversarial Training Defense for Neural Network Classifier
- 1 Introduction
- 2 Background and Related Work
- 2.1 Threat Model
- 2.2 Generating Adversarial Examples
- 2.3 Adversarial Example Defensive Methods
- 3 GanDef: GAN Based Adversarial Training
- 3.1 Design
- 3.2 Theoretical Analysis
- 3.3 Convergence Analysis
- 4 Experiments and Results
- 4.1 Datasets, NN Structures and Hyper-parameter
- 4.2 Comparative Evaluation of Defensive Approaches
- 4.3 Evaluation of GanDef-Comb
- 5 Conclusion
- References
- Control Logic Injection Attacks on Industrial Control Systems
- 1 Introduction
- 2 Background and Related Work
- 2.1 PLC and Control Logic
- 2.2 Attacks on PLCs
- 3 Stealthy Control Logic Injection Attacks
- 3.1 Data Execution Attack
- 3.2 Fragmentation and Noise Padding Attack
- 4 Implementation
- 4.1 Attacks on Modicon M221
- 4.2 Attacks on MicroLogix 1400
- 4.3 Network Intrusion Detection Systems (NIDS)
- 5 Evaluation
- 5.1 Experimental Settings
- 5.2 Datasets
- 5.3 Evaluation Results
- 6 Countermeasures
- 7 Conclusion
- References
- An Efficient and Scalable Intrusion Detection System on Logs of Distributed Applications
- 1 Introduction
- 2 State of the Art
- 2.1 Building an Intermediate Model from an Execution Trace
- 2.2 Building a Global Model from Multiple Intermediate Models
- 2.3 Use of the Global Model During a Detection Phase
- 3 Solving Scalability Issues Without Sacrificing Efficiency
- 3.1 Focusing on a Subset of Specific Sequences in the Lattice
- 3.2 Model Merging and Generalization
- 4 Assessment of the Approach
- 4.1 A Protocol for Conducting Experiments on Traces of XtreemFS
- 4.2 Scalability Issues During the Construction Phase
- 4.3 Evaluation of the Accuracy of the Detection Phase
- 4.4 Short Traces and Long Traces
- 5 Conclusion
- References
- Access Control
- Performance of Password Guessing Enumerators Under Cracking Conditions
- 1 Introduction
- 2 Background
- 2.1 Related Works
- 2.2 Enumerators
- 2.3 Hash Functions
- 2.4 Datasets
- 3 Cracking Process Modelling
- 3.1 Context
- 3.2 Formalization of the Performance
- 3.3 Estimating the Performance
- 4 How to Measure Performances of the Cracking Process
- 5 Experimental Results
- 6 Impacts of Our Contributions
- 7 Conclusion
- References
- An Offline Dictionary Attack Against zkPAKE Protocol
- 1 Introduction
- 1.1 Our Contribution
- 1.2 Previous Works
- 1.3 Organization
- 2 The zkPAKE Protocol
- 2.1 Protocol Description
- 3 Offline Dictionary Attack on zkPAKE
- 3.1 Attack Description
- 3.2 Attack Implementation
- 4 Conclusion
- A Appendix
- References
- Fine-Grained Access Control in Industrial Internet of Things
- 1 Introduction
- 2 Background: ABE with Outsourced Decryption
- 2.1 Actors
- 2.2 Definitions
- 3 Evaluation
- 3.1 Test-Setup
- 3.2 Performance
- 3.3 Data Overhead
- 3.4 Comparison: RSA and ECC
- 3.5 Use-Case Description: Siemens MindSphere
- 4 Related Work
- 5 Conclusions
- References
- Towards an Automated Extraction of ABAC Constraints from Natural Language Policies
- 1 Introduction
- 2 Background
- 2.1 Overview of Constraints Specifications in ABAC
- 2.2 Natural Language Parsing Strategies
- 2.3 Sequential Labeling
- 3 The Proposed Methodology
- 3.1 Annotation Scheme
- 3.2 Constraints Identification
- 3.3 Constraints Normalization
- 4 Experimental Results and Performance Evaluation
- 4.1 Dataset
- 4.2 Evaluation Criteria
- 4.3 Experiment and Experimental Results
- 5 Related Work
- 6 Conclusion and Future Work
- References
- Removing Problems in Rule-Based Policies
- 1 Introduction
- 2 Related Work
- 3 Background
- 4 The Removing Process
- 4.1 Overview of Removing Process
- 4.2 Properties
- 5 Finding the Minimal Selection
- 5.1 Looking for Minimal Size
- 6 Application Examples
- 6.1 A Second Specification
- 6.2 The ContinueA Example
- 6.3 Discussion
- 7 Conclusion
- References
- Is This Really You? An Empirical Study on Risk-Based Authentication Applied in the Wild
- 1 Introduction
- 2 Related Work
- 3 Black Box Testing RBA
- 3.1 Creation of Identities
- 3.2 Training of Identities
- 3.3 Implementation of RBA Inspection System
- 3.4 Inspection of RBA Features
- 4 Studies
- 4.1 Study 1: Determining IP Feature Thresholds
- 4.2 Study 2: Examining RBA Usage
- 4.3 Study 3: Analyzing Additional Authentication Factors
- 5 Discussion
- 5.1 Derived RBA Models Applied in Practice
- 5.2 Limitations
- 5.3 Ethical Considerations
- 6 Conclusion
- References
- Organizational and Behavioral Security
- Differentially Private Generative Adversarial Networks for Time Series, Continuous, and Discrete Open Data
- 1 Introduction
- 2 Preliminaries
- 2.1 Generative Adversarial Networks.
- 2.2 Differential Privacy
- 3 The Framework
- 3.1 Clipping Decay
- 3.2 Moment Accountant
- 4 Experiments
- 4.1 Synthetic Dataset
- 4.2 Time-Series Data
- 4.3 Discrete Data
- 5 Related Work
- 6 Conclusion
- References
- ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment
- 1 Introduction
- 2 Related Work
- 3 ESARA Framework
- 3.1 Goal and Requirements
- 3.2 Architecture Design
- 3.3 Components
- 4 Evaluation
- 4.1 App Behavior Analysis Results
- 4.2 App Perception Analysis Results
- 4.3 Risk Coverage
- 4.4 Discussion and Limitations
- 5 Conclusion and Future Work
- References
- SocialAuth: Designing Touch Behavioral Smartphone User Authentication Based on Social Networking Applications
- 1 Introduction
- 2 Related Work
- 3 Touch Gesture-Based User Authentication
- 3.1 Authentication Architecture
- 3.2 Touch Gesture Types and Features
- 3.3 Data Collection
- 3.4 Session Identification
- 4 User Study
- 4.1 Study Methodology
- 4.2 Machine Learning Classifiers and Metrics
- 4.3 Result Analysis
- 5 Conclusion
- References
- The Influence of Organizational, Social and Personal Factors on Cybersecurity Awareness and Behavior of Home Computer Users
- 1 Introduction
- 2 Theoretical Background and Research Model
- 3 Methodology
- 4 Analysis and Results
- 4.1 Measurement Model Assessment
- 4.2 Structural Model Assessment
- 4.3 Mediation Analysis
- 5 Discussion and Implications
- 6 Conclusion
- References
- To Be, or Not to Be Notified
- 1 Introduction
- 2 Related Work
- 3 Methodology
- 3.1 Demographics and Usage Behaviour
- 3.2 Privacy Personas Based on Privacy Statements
- 3.3 Categories of Notification and Notification Scenarios
- 3.4 Online Survey
- 3.5 Recruitment
- 4 Results
- 4.1 Demographics and Usage Behaviour
- 4.2 Privacy Persona Segmentation
- 4.3 Notification Preferences
- 5 Discussion
- 5.1 Segmentation of Ex Post Transparency Preferences
- 5.2 Design Implications for TETs
- 5.3 Limitations
- 6 Conclusion
- References
- A Structured Comparison of the Corporate Information Security Maturity Level
- 1 Introduction
- 2 Background and Related Work
- 2.1 Multiple Criteria Decision Methods
- 2.2 The Analytical Hierarchy Process
- 3 Research Methodology
- 3.1 Requirements
- 3.2 Algorithm Selection
- 3.3 Data Collection
- 4 The Approach - the AHP-Implementation
- 4.1 Pairwise Comparison of the Control Categories and Controls
- 4.2 Pairwise Evaluation of the Controls' Maturity Levels
- 4.3 Calculation of the Comparison
- 5 Results of the Comparison
- 6 Discussion
- 6.1 Limitations
- 7 Conclusion and Future Work
- References
- Predicting Students' Security Behavior Using Information-Motivation-Behavioral Skills Model
- Abstract
- 1 Introduction
- 2 Theoretical Background: The IMB Model
- 3 Method
- 3.1 Survey Design and Procedure
- 3.2 Participants
- 3.3 Measures
- 3.4 Data Analysis
- 4 Results
- 4.1 Validation of IMB Model
- 5 Discussion
- 5.1 Recommendations
- 5.2 Limitations and Future Research
- 6 Conclusion
- References
- Why Do People Pay for Privacy-Enhancing Technologies? The Case of Tor and JonDonym
- Abstract
- 1 Introduction
- 2 Theoretical Background and Related Work
- 2.1 Tor and JonDonym
- 2.2 Related Work
- 3 Methodology
- 3.1 Research Model and Hypotheses for the Logistic Regression Model
- 3.2 Data Collection
- 4 Results
- 4.1 Tariff Analysis for JonDonym
- 4.2 Factors Influencing Willingness to Pay for Privacy
- 5 Discussion and Conclusion
- Appendix - Questionnaire
- References
- Crypto and Encryption
- Arcana: Enabling Private Posts on Public Microblog Platforms
- 1 Introduction
- 2 Problem and Preliminaries
- 2.1 Problem Statement
- 2.2 Preliminary: CP-ABE
- 2.3 Preliminary: Digital Watermarking
- 3 Arcana: Private Posts on an Open Microblog Platform
- 3.1 Arcana Overview
- 3.2 Social Circle Detection and Key Distribution
- 3.3 Posting a Private Tweet
- 3.4 Viewing Private Tweets
- 3.5 Experiment and Performance Analysis
- 4 Security Analysis and Discussions
- 5 Related Works
- 6 Conclusion and Future Work
- References
- Fast Keyed-Verification Anonymous Credentials on Standard Smart Cards
- 1 Introduction
- 1.1 Related Work
- 1.2 Our Contribution
- 2 Preliminaries
- 2.1 Notation
- 2.2 Weak Boneh-Boyen Signature
- 2.3 Algebraic MACs
- 3 Our Algebraic MAC
- 4 Keyed-Verification Anonymous Credential Scheme
- 4.1 Definition of Keyed-Verification Anonymous Credential Schemes
- 4.2 Our KVAC Scheme Based on MACwBB
- 4.3 Efficiency
- 5 Implementation Results
- 6 Conclusion
- References
- BlockTag: Design and Applications of a Tagging System for Blockchain Analysis
- 1 Introduction
- 2 Design and Architecture
- 3 Real-World Deployment
- 4 Applications
- 4.1 Linking Users to Services
- 4.2 Market Economics
- 4.3 Forensics
- 5 Discussion
- 6 Related Work
- 7 Conclusion
- References
- Forward Secure Identity-Based Signature Scheme with RSA
- 1 Introduction
- 2 Related Work
- 3 Preliminaries
- 3.1 FSIBS Scheme
- 3.2 Security Model
- 3.3 Factoring Assumption
- 3.4 Multiple Forking
- 4 The Proposed Scheme
- 5 Security Proof
- 6 Optimization of Performance Improvement
- 7 Experiment
- 8 Conclusion
- References
- Integrity
- On the Effectiveness of Control-Flow Integrity Against Modern Attack Techniques
- 1 Introduction
- 2 Background
- 2.1 Control Flow Transfers
- 2.2 Control Flow Attacks
- 2.3 Control Flow Integrity
- 3 Threats
- 3.1 Code Reuse Attack
- 3.2 Code Injection
- 3.3 Disclosure Attack
- 3.4 Return-to-User
- 3.5 Return-to-Libc
- 3.6 Replay Attack
- 4 CFI Protection Techniques and Limitations
- 4.1 CFI Principles, Implementations, and Applications (CFI)
- 4.2 CCFI: Cryptographically Enforced CFI (CCFI)
- 4.3 CFI for COTS Binaries (binCFI)
- 4.4 Practical CFI and Randomization for Binary Executables (CCFIR)
- 4.5 Hardware (CFI) for an IT Ecosystem (HW-CFI)
- 4.6 Per-Input CFI (PICFI)
- 4.7 KCoFI: Complete CFI for Commodity Operating System Kernels (KCoFI)
- 4.8 Fine-Grained CFI for Kernel Software (Kernel CFI)
- 4.9 Enforcing Forward-Edge CFI in GCC & LLVM (IFCC)
- 4.10 Control-Flow Bending: On the Effectiveness of CFI (CFB)
- 4.11 SAFEDISPATCH: Securing C++ Virtual Calls from Memory Corruption Attacks (SAFEDISPATCH)
- 4.12 Control Flow Guard (C-Guard)
- 4.13 Reuse Attack Protector (RAP)
- 4.14 Opaque CFI (O-CFI)
- 5 Analysis
- 5.1 Software-Based CFI
- 5.2 Hardware-Based CFI
- 5.3 Optimal Protection
- 5.4 Performance Overhead
- 6 Conclusions and Future Work
- References
- Automatically Proving Purpose Limitation in Software Architectures
- 1 Introduction
- 2 Legal Prerequisites
- 3 Related Work
- 4 GermanVasc
- 5 CAPVerDE
- 5.1 Syntax
- 5.2 Semantics
- 6 Case Study
- 7 Verification
- 8 Discussion
- 9 Conclusion and Future Work
- References
- Commit Signatures for Centralized Version Control Systems
- 1 Introduction
- 2 Background
- 2.1 Centralized Version Control Systems
- 2.2 Merkle Hash Trees
- 3 Can Git Commit Signing Be Used?
- 4 Adversarial Model and Security Guarantees
- 4.1 Attacks
- 4.2 Security Guarantees
- 5 Commit Signatures for Centralized VCS-es
- 5.1 MHT-Based Proofs
- 6 Implementation and Experimental Evaluation
- 6.1 Implementation and Experimental Setup
- 6.2 Experimental Evaluation for Commit Operations
- 6.3 Experimental Evaluation for Update Operations
- 7 Related Work
- 8 Conclusion
- References
- Towards Contractual Agreements for Revocation of Online Data
- 1 Introduction
- 2 Solution Overview
- 3 Revocation Contract Scheme
- 4 Protocol Design Space
- 4.1 Data Identification
- 4.2 Data Feeds
- 4.3 Complex Revocation Conditions
- 4.4 Financial Reserve Model
- 5 Prototype Implementation
- 5.1 Smart Contract
- 5.2 Evaluation
- 6 Discussion
- 7 Related Work
- 8 Conclusion
- References
- Correction to: ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment
- Correction to: Chapter "ESARA: A Framework for Enterprise Smartphone Apps Risk Assessment" in: G. Dhillon et al. (Eds.): ICT Systems Security and Privacy Protection, IFIP AICT 562, https://doi.org/10.1007/978-3-030-22312-0_12
- Author Index
