Data and Applications Security and Privacy XXXIII
33rd Annual IFIP WG 11.3 Conference, DBSec 2019, Charleston, SC, USA, July 15-17, 2019, Proceedings
Published on 4. July 2019
XI, 419 pages
978-3-030-22479-0 (ISBN)
Description
This book constitutes the refereed proceedings of the 33rd Annual IFIP WG 11.3 Conference on Data and Applications Security and Privacy, DBSec 2019, held in Charleston, SC, USA, in July 2018.
The 21 full papers presented were carefully reviewed and selected from 52 submissions. The papers present high-quality original research from academia, industry, and government on theoretical and practical aspects of information security. They are organized in topical sections on attacks, mobile and Web security, privacy, security protocol practices, distributed systems, source code security, and malware.More details
Series
Language
English
Place of publication
Cham
Switzerland
Publishing group
Springer International Publishing
Product notice
Reflowable
Illustrations
XI, 419 p. 326 illus., 81 illus. in color.
File size
25,86 MB
ISBN-13
978-3-030-22479-0 (9783030224790)
DOI
10.1007/978-3-030-22479-0
Schweitzer Classification
Other editions
Additional editions
Simon N. Foley
Data and Applications Security and Privacy XXXIII
33rd Annual IFIP WG 11.3 Conference, DBSec 2019, Charleston, SC, USA, July 15-17, 2019, Proceedings
Book
06/2019
Springer
€80.25
Shipment within 7-9 days
Content
- Intro
- Preface
- Organization
- Contents
- Attacks
- Detecting Adversarial Attacks in the Context of Bayesian Networks
- 1 Introduction
- 2 Problem Setting
- 3 Long-Duration Data Poisoning Attacks
- 4 Framework for Detecting Data Poisoning Attacks
- 5 Empirical Results
- 5.1 One-Step Data Poisoning Attacks
- 5.2 Long-Duration Data Poisoning Attacks
- 5.3 Discussion: Detecting Data Poisoning Attacks
- 6 Related Work
- 7 Conclusion and Future Work
- A Causative, Long-duration Model Invalidation Attacks
- References
- AGBuilder: An AI Tool for Automated Attack Graph Building, Analysis, and Refinement
- 1 Introduction
- 2 Attack Graph Modeling Using PDDL
- 3 Our Approach for Automated Attack Graph Generation and Refinement
- 3.1 Automatically Generating PDDL Domain from Natural Language Textual Descriptions
- 3.2 Incremental Building and Refinement of the Attack Graph
- 4 AGBuilder Modules
- 4.1 Knowledge Base Components
- 4.2 AGBuilder Processing Modules
- 4.3 Working Example of Explanation Constructor
- 5 Related Work
- 6 Conclusion and Future Work
- References
- On Practical Aspects of PCFG Password Cracking
- 1 Introduction
- 1.1 Contribution
- 1.2 Structure of the Paper
- 2 Background and Related Work
- 3 Enhancements to PCFG
- 3.1 Key Observations
- 3.2 Long Base Structures
- 3.3 Calculating the Number of Password Candidates
- 3.4 The New PCFG Manager
- 3.5 Grammar Filtering
- 4 Experimental Results
- 4.1 The Performance of PCFG Manager
- 4.2 The Impact of PCFG Filtering
- 4.3 Evaluation
- 5 Conclusion
- References
- That's My DNA: Detecting Malicious Tampering of Synthesized DNA
- 1 Introduction
- 2 Limitations of Earlier Work and Current Contributions
- 2.1 Cyclic Shifts and Reverse Complement
- 2.2 Mutations in Identifying Tags
- 2.3 Signature Length
- 3 DNA Signature Generation and Verification Procedure
- 4 Allowing Mutations in Start and End Tags
- 5 New Identity-Based Signature Scheme with Shorter Signature Size
- 6 Conclusion and Future Work
- References
- Mobile and Web Security
- Adversarial Sampling Attacks Against Phishing Detection
- 1 Introduction
- 1.1 Motivation
- 1.2 Problem Statement
- 1.3 Proposed Approach and Key Contributions
- 2 Related Work
- 2.1 Machine Learning for Phishing Detection
- 2.2 Learning in Adversarial Context
- 3 Threat Model
- 3.1 Attacker's Goal
- 3.2 Attacker's Knowledge
- 3.3 Attacker Influence
- 4 Adversarial Sampling for Phishing
- 4.1 Defining the Dataset
- 4.2 Selecting Features for Manipulation
- 4.3 Adversary Cost
- 4.4 Vulnerability Level
- 5 Experiments and Results
- 5.1 Used Datasets
- 5.2 Exp-1: Evaluation of Datasets
- 5.3 Generating Adversarial Samples
- 5.4 Exp-2: Robustness of Learning Model
- 5.5 Exp-3: Dataset Vulnerability Level
- 5.6 Comparing the Results with Previous Experiments
- 6 Conclusion and Future Work
- References
- Is My Phone Listening in? On the Feasibility and Detectability of Mobile Eavesdropping
- Abstract
- 1 Introduction
- 2 Threat Model
- 3 Microphone-Based Eavesdropping
- 3.1 Microphone Access Permission
- 3.2 User Notifications and Visibility
- 4 Motion Sensor-Based Eavesdropping
- 4.1 Experimental Research Findings
- 4.2 Sampling Frequency Limits
- 4.3 Sensor Access Permissions and Energy Efficiency
- 5 Existing Mitigation and Detection Techniques
- 5.1 App Inspections Conducted by Ecosystem Providers
- 5.2 App Inspections Conducted by the Research Community
- 6 Ecosystem Providers as Potential Adversaries
- 7 Technical and Economic Feasibility
- 8 Unauthorized Access to Smartphones
- 9 Discussion
- 10 Conclusion
- References
- Droids in Disarray: Detecting Frame Confusion in Hybrid Android Apps
- 1 Introduction
- 2 Technical Background
- 2.1 Frame Confusion
- 3 A Frame Confusion Detection Methodology
- 3.1 Vulnerability Blueprint
- 3.2 Detection Algorithm
- 4 The FCDroid tool
- 4.1 Implementation Challenges
- 4.2 FCDroid Architecture
- 5 Experimental Results
- 6 Attacking and Exploiting the Frame Confusion
- 7 Related Work
- 8 Conclusion
- References
- Privacy
- Geo-Graph-Indistinguishability: Protecting Location Privacy for LBS over Road Networks
- 1 Introduction
- 2 Preliminary and Problem Setting
- 2.1 Geo-Indistinguishability geospsi
- 2.2 Problem Statement
- 3 Evaluating Privacy and Utility of Geo-Indistinguishability
- 3.1 Empirical Privacy Evaluation
- 3.2 Utility
- 4 Geo-Graph-Indistinguishability
- 4.1 Definition
- 4.2 Graph Exponential Mechanism
- 4.3 Analyzing the Relationship Between GeoI and GeoGI
- 4.4 Discussion
- 5 Experiments
- 5.1 Privacy Protection Level of GEM
- 5.2 Utility of GEM
- 6 Related Work
- 6.1 Location Privacy on a Road Network
- 6.2 State-of-the-Art Privacy Models
- 7 Conclusion and Future Work
- 8 Appendix
- 8.1 Proofs
- 8.2 dX-privacy
- 8.3 Pseudocode of GEM
- References
- ``When and Where Do You Want to Hide?'' - Recommendation of Location Privacy Preferences with Local Differential Privacy
- 1 Introduction
- 2 Preliminaries
- 2.1 Matrix Factorization
- 2.2 Local Differential Privacy
- 2.3 Definition of the Location Privacy Preference
- 3 Recommendation Method
- 3.1 Framework
- 3.2 Addition of Noise
- 4 Evaluation
- 4.1 Overview
- 4.2 Dataset
- 4.3 Metrics
- 4.4 Evaluation Process
- 4.5 Results
- 5 Conclusion
- References
- Analysis of Privacy Policies to Enhance Informed Consent
- 1 Introduction
- 2 The Privacy Policy Language Pilot
- 2.1 Basic Definitions
- 2.2 Abstract Syntax of Pilot Privacy Policies
- 2.3 Example: Vehicle Tracking
- 3 Abstract Execution Model
- 3.1 System State
- 3.2 System Events
- 4 Risk Analysis
- 4.1 Automatic Risk Analysis with SPIN
- 4.2 Case Study: Vehicle Tracking
- 4.3 Usability
- 5 Related Work
- 6 Conclusion
- A Policy Subsumption
- B Active Policies and Transfer Rules
- C Policy Join
- References
- Security Protocol Practices
- Lost in TLS? No More! Assisted Deployment of Secure TLS Configurations
- 1 Introduction
- 2 Background
- 2.1 TLS
- 2.2 Vulnerabilities
- 3 Tools Comparison
- 3.1 Mobile Clients
- 4 Mitigations Identification
- 5 TLSAssistant
- 5.1 Architecture
- 6 Experimental Evaluation
- 6.1 Use-Case: CIE 3.0
- 6.2 User Study
- 7 Conclusions and Future Work
- A Post-questionnaire
- B Report snippet
- References
- Contributing to Current Challenges in Identity and Access Management with Visual Analytics
- 1 Introduction
- 2 Background and Related Work
- 2.1 Background
- 2.2 Related Work
- 3 IAM Challenges
- 3.1 Approach for Identifying Challenges
- 3.2 Literature Survey
- 3.3 Practitioner's View
- 3.4 IAM Challenges
- 4 Applying Visual Analytics to IAM
- 4.1 Data Sources
- 4.2 Data Preparation
- 4.3 Data Visualization
- 5 Exemplary Use Cases
- 5.1 Identities Not Managed Within a Central IAM (C1, C4)
- 5.2 Identities with an Unusual Number of Entitlements (C3)
- 5.3 Poor Data Quality in IAM Data (C4)
- 6 Conclusion
- References
- Analysis of Multi-path Onion Routing-Based Anonymization Networks
- 1 Introduction
- 2 Related Work
- 3 Multi-path in Anonymization Systems
- 3.1 Conflux
- 3.2 mTor
- 3.3 MORE
- 3.4 mUDP-OR
- 4 Classifying Design Choices
- 4.1 Traffic Management
- 4.2 Circuit Construction
- 4.3 Path Selection
- 5 Performance Evaluation
- 5.1 Private Local Network Experiment
- 5.2 Larger-Scale Experiment
- 5.3 Design Recommendations
- 6 Anonymity Analysis
- 6.1 Client Multi-path Circuits Compromise
- 6.2 Using Multiple Entry Onion Routers
- 7 Conclusions and Future Work
- References
- Distributed Systems
- Shoal: Query Optimization and Operator Placement for Access Controlled Stream Processing Systems
- 1 Introduction
- 2 Background and System Model
- 2.1 Background on DDSPSs
- 2.2 Access Controls
- 3 Problem Description
- 3.1 Problem Description
- 3.2 Optimize-then-place Approach
- 4 The Shoal Optimizer
- 4.1 Online Optimization Approach
- 4.2 Greedy and Hybrid Approaches
- 4.3 Example
- 5 Evaluation
- 5.1 Online Optimizer
- 5.2 Comparison to the State-of-the-Art
- 6 Related Work
- 7 Conclusion
- References
- A Distributed Ledger Approach to Digital Twin Secure Data Sharing
- 1 Introduction
- 2 Background
- 3 Problem Statement
- 3.1 Digital Twin Model
- 3.2 A Formal Basis for Secure Digital Twin Data Sharing
- 3.3 Requirements for Secure DT Data Sharing
- 4 Solution Architecture
- 4.1 Technology Selection
- 4.2 System Architecture
- 4.3 Data Storage
- 4.4 Capabilities
- 4.5 Setup Process
- 5 Use Case
- 5.1 Setting
- 5.2 Framework Iteration
- 5.3 Results
- 6 Evaluation
- 6.1 Requirements Fulfillment
- 6.2 Discussion
- 7 Conclusion
- References
- Refresh Instead of Revoke Enhances Safety and Availability: A Formal Analysis
- 1 Introduction
- 2 Related Work
- 3 System Model and Assumptions
- 3.1 Refresh Vs. Revocation
- 3.2 System Assumptions
- 4 Consistency Levels Formal Characterization
- 4.1 Preliminaries
- 4.2 Interval Consistency
- 4.3 Interval Consistency with Request Time
- 4.4 Forward-Looking Consistency
- 5 Limitations and Practical Issues
- 6 Conclusion
- References
- Source Code Security
- Wrangling in the Power of Code Pointers with ProxyCFI
- 1 Introduction
- 1.1 Contributions of This Paper
- 2 Protecting Control Flow with ProxyCFI
- 2.1 Threat Model
- 2.2 Pointer Proxies
- 2.3 Building Code with Pointer Proxies
- 2.4 Load-Time Program Verifier
- 2.5 Deterring CFG Mimicry Attacks
- 2.6 Shared Libraries with Pointer Proxies
- 3 ProxyCFI in GNU GCC
- 3.1 Compilation Flow
- 3.2 ProxyCFI Optimizations
- 4 Evaluation
- 4.1 Evaluation Framework
- 4.2 Performance Analysis
- 4.3 Security Analysis
- 5 Related Work
- 6 Conclusion
- A Redis-benchmark Results Breakdown
- References
- CASFinder: Detecting Common Attack Surface
- 1 Introduction
- 2 Preliminaries
- 2.1 Motivating Example
- 2.2 Background
- 3 The Model of Common Attack Surface
- 3.1 Conditional Common Attack Surface (CCAS) Metric
- 3.2 Probabilistic Common Attack Surface Metric
- 4 Design and Implementation
- 5 Experiments
- 5.1 Dataset
- 5.2 Cross-Category Common Attack Surface
- 5.3 Common Attack Surface in the Same Category
- 6 Related Work
- 7 Conclusion
- References
- Algorithm Diversity for Resilient Systems
- 1 Introduction
- 2 Background on DistAlgo
- 3 Creating Variants Using Incrementalization
- 4 Synchronized Execution for DistAlgo
- 5 Diversity Metrics and Runtime Monitoring Tools
- 5.1 Code Diversity
- 5.2 Trace Diversity
- 5.3 Input Access Diversity
- 6 Evaluation
- 6.1 Sequential Algorithms
- 6.2 Distributed Algorithms
- 7 Related Work
- 7.1 Evaluation of Diversity Techniques
- References
- Malware
- Online Malware Detection in Cloud Auto-scaling Systems Using Shallow Convolutional Neural Networks
- 1 Introduction
- 2 Related Work
- 3 Key Intuition
- 4 Methodology
- 4.1 Malware Detection in Multiple VMs Using Single Samples (MVSS)
- 4.2 Malware Detection in Multiple VMs Using Paired Samples (MVPS)
- 5 Experiment Setup and Results
- 5.1 CNN Model Architecture
- 5.2 Experimental Setup
- 5.3 Evaluation
- 5.4 MVSS and MVPS Results
- 6 Conclusion and Future Work
- References
- Redirecting Malware's Target Selection with Decoy Processes
- 1 Introduction
- 2 Honeypot Experiment
- 3 Decoy Processes
- 4 Performance Support for a Decoy Process
- 4.1 Heatmaps
- 4.2 Deep Learning of Performance Fingerprints
- 5 Experimental Testing and Validation
- 6 Related Work
- 7 Conclusions
- References
- Author Index
