Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- surveySeptember 2024JUST ACCEPTED
A Survey of Protocol Fuzzing
- Xiaohan Zhang,
- Cen Zhang,
- Xinghua Li,
- Zhengjie Du,
- Bing Mao,
- Yuekang Li,
- Yaowen Zheng,
- Yeting Li,
- Li Pan,
- Yang Liu,
- Robert Deng
Communication protocols form the bedrock of our interconnected world, yet vulnerabilities within their implementations pose significant security threats. Recent developments have seen a surge in fuzzing-based research dedicated to uncovering these ...
- surveySeptember 2024JUST ACCEPTED
Challenges and Opportunities in Mobile Network Security for Vertical Applications: A Survey
- Álvaro Sobrinho,
- Matheus Vilarim,
- Amanda Barbosa,
- Edmar Candeia Gurjão,
- Danilo F. S. Santos,
- Dalton Valadares,
- Leandro Dias da Silva
Ensuring the security of vertical applications in fifth-generation (5G) mobile communication systems and previous generations is crucial. These systems must prioritize maintaining the confidentiality, integrity, and availability of services and data. ...
- ArticleSeptember 2024
Where Do Safety and Security Mutually Reinforce? A Multi-level Model-Based Approach for a Consistent Interplay
Computer Safety, Reliability, and Security. SAFECOMP 2024 WorkshopsPages 316–328https://doi.org/10.1007/978-3-031-68738-9_25AbstractInterdependencies like mutual reinforcement between system safety and security concerns (e.g., requirements, countermeasures) are often ill-understood in their origins, as it is unclear which system elements cause them. To better comprehend how ...
- ArticleSeptember 2024
VUOS: A User-Space Hypervisor Based on System Call Hijacking
Computer Safety, Reliability, and Security. SAFECOMP 2024 WorkshopsPages 296–307https://doi.org/10.1007/978-3-031-68738-9_23AbstractVUOS (View based OS) is a virtual operating system that permits to give to each process a different view of the underlying system, i.e. access only some specific directories or specified system calls. This is currently obtained intercepting system ...
- ArticleSeptember 2024
Safety-Security Analysis via Attack-Fault-Defense Trees: Semantics and Cut Set Metrics
AbstractCyber-physical systems such as the advanced smart grid have a dynamic interaction between security, safety, and defense. Therefore, we need risk management strategies that take all three into account. This paper introduces a novel framework that ...
-
- ArticleSeptember 2024
Companion Apps or Backdoors? On the Security of Automotive Companion Apps
AbstractAutomotive companion apps are mobile apps designed to remotely connect with cars to provide features such as diagnostics, logging, navigation, and safety alerts. Specifically, onboard diagnostics (OBD) based mobile applications directly ...
- research-articleSeptember 2024
Dynamic Possible Source Count Analysis for Data Leakage Prevention
MPLR 2024: Proceedings of the 21st ACM SIGPLAN International Conference on Managed Programming Languages and RuntimesPages 98–111https://doi.org/10.1145/3679007.3685065Dynamic Taint Analysis (DTA) is a widely studied technique that can effectively detect various attacks and information leakage. In the context of detecting information leakage, taint is a flag added to data to indicate whether secret data can be inferred ...
- ArticleSeptember 2024
Getting Chip Card Payments Right
AbstractEMV is the international protocol standard for smart card payments and is used in billions of payment cards worldwide. Despite the standard’s advertised security, various issues have been previously uncovered, deriving from logical flaws that are ...
- ArticleSeptember 2024
Enhancing Social Network Trust with Improved EigenTrust Algorithm
AbstractIn today’s online environment, platforms like Facebook and Amazon rely heavily on trust and reputation management systems to ensure their integrity and security. This paper improves the EigenTrust algorithm, a notable model in trust calculation, ...
- research-articleSeptember 2024
ShouldAR: Detecting Shoulder Surfing Attacks Using Multimodal Eye Tracking and Augmented Reality
Proceedings of the ACM on Interactive, Mobile, Wearable and Ubiquitous Technologies (IMWUT), Volume 8, Issue 3Article No.: 97, Pages 1–23https://doi.org/10.1145/3678573Shoulder surfing attacks (SSAs) are a type of observation attack designed to illicitly gather sensitive data from "over the shoulder" of victims. This attack can be directed at mobile devices, desktop screens, Personal Identification Number (PIN) pads at ...
- research-articleSeptember 2024
Designing and Implementing Live Migration Support for Arm-based Confidential VMs
APSys '24: Proceedings of the 15th ACM SIGOPS Asia-Pacific Workshop on SystemsPages 53–59https://doi.org/10.1145/3678015.3680488Confidential virtual machines (CVMs) are increasingly deployed to protect users' code and data in use against attackers with hypervisor privileges. Given Arm's growing adoption, various implementations have extended commodity hypervisors like KVM to ...
- research-articleSeptember 2024
Towards Efficient End-to-End Encryption for Container Checkpointing Systems
APSys '24: Proceedings of the 15th ACM SIGOPS Asia-Pacific Workshop on SystemsPages 60–66https://doi.org/10.1145/3678015.3680477Container checkpointing has emerged as a new paradigm for task migration, preemptive scheduling and elastic scaling of microservices. However, as soon as a snapshot that contains raw memory is exposed through the network or shared storage, sensitive data ...
- extended-abstractSeptember 2024
Exploring Regulatory Sandboxes: Safeguarding AI-Based Software for Minors
GoodIT '24: Proceedings of the 2024 International Conference on Information Technology for Social GoodPages 158–162https://doi.org/10.1145/3677525.3678656The online safety of minors is a complex issue that legislators are striving to address. Numerous initiatives aim to define policies and best practices to mitigate the risks associated with the use of technologies and applications by young individuals, ...
- ArticleSeptember 2024
Addressing Privacy Concerns in Joint Communication and Sensing for 6G Networks: Challenges and Prospects
AbstractThe vision for 6G extends beyond mere communication, incorporating sensing capabilities to facilitate a diverse array of novel applications and services. However, the advent of joint communication and sensing (JCAS) technology introduces concerns ...
- ArticleSeptember 2024
No Transparency for Smart Toys
AbstractSmart toys combine traditional playtime with modern technologies, integrating IoT features like communication, computation, and sensing to create interactive toys that respond to their environment, offering children new options for entertainment ...
- research-articleSeptember 2024JUST ACCEPTED
A Large-Scale Study of IoT Security Weaknesses and Vulnerabilites in the Wild
ACM Transactions on Software Engineering and Methodology (TOSEM), Just Accepted https://doi.org/10.1145/3691628Internet of Things (IoT) is defined as the connection between places and physical objects (i.e., things) over the internet/network via smart computing devices. IoT is a rapidly emerging paradigm that now encompasses almost every aspect of our modern life. ...
- research-articleAugust 2024
Enhancing the Security of Software-Defined Networking through Forensic Memory Analysis
- Filipe Augusto da Luz Lemos,
- Thiago dos Santos Cavali,
- Keiko Verônica Ono Fonseca,
- Mauro Sergio Pereira Fonseca,
- Rubens Alexandre de Faria
Journal of Network and Systems Management (JNSM), Volume 32, Issue 4https://doi.org/10.1007/s10922-024-09862-4AbstractThe increasing complexity and dynamic nature of software-defined networking (SDN) environments pose significant challenges for network security. We propose a methodology for enhancing the security of SDN systems through the use of a well ...
- research-articleAugust 2024
Predictive digital twin driven trust model for cloud service providers with Fuzzy inferred trust score calculation
Journal of Cloud Computing: Advances, Systems and Applications (JOCCASA), Volume 13, Issue 1https://doi.org/10.1186/s13677-024-00694-wAbstractCloud computing has become integral to modern computing infrastructure, offering scalability, flexibility, and cost-effectiveness. Trust is a critical aspect of cloud computing, influencing user decisions in selecting Cloud Service Providers (CSPs)...
- ArticleAugust 2024
Adversarial Attacks on Large Language Models
AbstractLarge Language Models (LLMs) have rapidly advanced and garnered increasing attention due to their remarkable capabilities across various applications. However, adversarial attacks pose a significant threat to LLMs, as prior research has ...
- ArticleAugust 2024
AI in Healthcare Data Privacy-Preserving: Enhanced Trade-Off Between Security and Utility
Knowledge Science, Engineering and ManagementPages 349–360https://doi.org/10.1007/978-981-97-5498-4_27AbstractThe digital shift in healthcare has spurred progress in medical services. However, this progress has introduced substantial security risks, necessitating a balance between data privacy and utility. This paper examines the challenges of managing ...