The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
The current practices of Web analytics and independent audience measurement are under legal and societal scrutiny, and the implemented and currently suggested approaches are either impractical, or most likely illegal under the upcoming General Data Protection Regulations of the European Union. While local solutions may achieve compliance for analytics, audience measurement inherently requires an independent...
Growing complexity in modern software is making signature-based intrusion detection an increasing challenge. Many recent intrusion detection systems rely on accurate recovery of application semantics from memory. In this paper, we approach the problem from a different angle. We observe that the user applications in corporate network often run in identical system environments due to standardized IT...
Honeynet is a network architecture that utilizes multiple honeypots to deceive attackers and analyze their malicious behaviors. However, existing honeynet has not evolved much since its latest architecture, Gen-III, which was proposed in 2004. Meanwhile, security threats and techniques used by adversaries have been continuously advanced. As a result, honeypot architecture is suffering from its limited...
Dynamic spectrum access (DSA) enables secondary users (SUs) to access the underutilized licensed spectrum when the primary users (PUs) are absent and is a key solution to address the worldwide spectrum scarcity and improve the spectrum utilization. Database-driven DSA is a popular DSA paradigm and has been approved by FCC. In a database-driven DSA system, a spectrum service provider (SPP) accepts...
LTE is a globally deployed standard. CSFB (Circuit Switched Fallback) is one of the major voice solutions in LTE network. We found one vulnerability in CSFB where the authentication step is missing. This allows an attacker to impersonate a victim. We named this attack as ‘Ghost Telephonist’. The consequence of this attack include: (1) The attacker can impersonate the callee and obtain the content...
Industrial Control System (ICS) is used to monitor and control critical infrastructures. Programmable logic controllers (PLCs) are major components of ICS, which are used to form automation system. It is important to protect PLCs from any attacks and undesired incidents. However, it is not easy to apply traditional tools and techniques to PLCs for security protection and forensics because of its unique...
The use of cloud technology is continually expanding. Yet, in many scenarios the adoption of an external cloud service provider may be a worry for data confidentiality since it leads to a partially loss of control over data. One of the solutions for letting users put trust in a provider is the use of encryption to protect data. EncSwift [1] is a solution that provides transparent support for the encryption...
As an extension of cloud computing, fog computing is proving itself more and more potentially useful nowadays. Fog computing is introduced to overcome the shortcomings of cloud computing paradigm in handling the massive amount of traffic caused by the enormous number of Internet of Things devices being increasingly connected to the Internet on daily basis. Despite its advantages, fog architecture...
We present a novel solution in tracking the behaviour of an attacker and limiting their ability to compromise a cybersecurity system. The solution is based on combining a decoy with a real system, where a BLE controller will be placed in the middle, acting like a fob that opens and closes the access of the server's BLE. If the first server wants to communicate with the second server, the BLE must...
Cloud Computing represents one of the most significant shifts in information technology and it enables to provide cloud-based security service such as Security-as-a-service (SECaaS). Improving of the cloud computing technologies, the traditional SIEM paradigm is able to shift to cloud-based security services. In this paper, we propose the SIEM architecture that can be deployed to the SECaaS platform...
With SDN increasingly becoming an enabling technology for NFV in the cloud, many virtualized network functions need to monitor the network state in order to function properly. An outdated network view at the controllers can impact the performance of those virtualized network functions. In earlier work, we identified two main factors contributing to an outdated network view in the case of a load-balancer:...
In email systems, one of the most widely used attacks is email spoofing, in which the source address of the email message is forged to make the recipient of the email believe that the email was sent from a legitimate source. Several research works have been presented in the past to address email spoofing attack. Further, in recent years, the technique of memory forensics has evolved significantly...
Building upon previous work on the relation between secrecy and channel resolvability, we revisit a secrecy proof for the multiple-access channel (MAC) from the perspective of resolvability. We then refine the approach in order to obtain some novel results on the second-order achievable rates.
In modern train control systems, a moving train retrieves its location information through passive transponders called balises, which are placed on the sleepers of the track at regular intervals. When the train-borne antenna energizes them using tele-powering signals, balises backscatter preprogrammed telegrams, which carry information about the train's current location. Since the telegrams are static...
The Gaussian fading channel is studied, in which the channel from the transmitter to the receiver is corrupted by a multiplicative fading coefficient H and an additive Gaussian random noise. It is assumed that the channel is experiencing block fading, and the transmitter does not know the channel state information (CSI). The receiver is assumed to have full knowledge of the CSI. If the channel state...
The potential of full-duplex in communication design has been recently considered for emerging technologies such as 5G. Moreover, full-duplex can play a crucial role in upcoming secure communication scenarios too. However, results in the literature are limited and only explore scenarios, where the wireless channel is used either for key generation or for secure messaging. Our first contribution is...
Data privacy and security continues to hinder wider adoption of cloud based web services for small to medium businesses. Existing privacy aware systems for cloud environments either assume that web service providers are trustworthy and can adequately enforce a client's privacy policies or adapt computationally expensive encryption techniques to minimize data security risks. In this paper, we propose,...
This work presents a novel scheme which reinforces strength of encryption keys in low-power and low-rate wireless sensor networks (WSNs). The proposed algorithm utilizes pseudo-random features of physical layer (PHY) of the communication stack to enable time-evolution of network keys increasing their complexity and reliability. This scalable and light-weight scheme is suitable for large networks of...
Forward-secure logging protects old log entries in a log file against an adversary compromising the log device. However, we show that previous work on forward-secure logging is prone to crash-attacks where the adversary removes log entries and then crashes the log device. As the state of the log after a crash-attack is indistinguishable from the state after a real crash, e.g., power failure, the adversary...
Research on gesture passwords suggest they are highly usable and secure, leading them to be proposed as a strong alternative authentication method for touchscreen devices. However, studies demonstrate that user-chosen gesture passwords are biased towards familiar symbols, increasing the risk of guessing. Prior work on gesture elicitation focuses on creating sets with high overlap, but gesture passwords...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.