Network and System Security: 14th International Conference, NSS 2020, Melbourne, VIC, Australia, November 25–27, 2020, Proceedings
3030657442, 9783030657444
This book constitutes the refereed proceedings of the 14th International Conference on Network and System Security, NSS
290
18
27MB
English
Pages 448
[458]
Year 2021
Report DMCA / Copyright
DOWNLOAD PDF FILE
Table of contents :
Preface
Organization
Contents
Full Papers
Data Analytics of Crowdsourced Resources for Cybersecurity Intelligence
1 Introduction
2 Related Work
2.1 Vulnerability Exploits Prediction
2.2 Cyber Threat Intelligence Using Social Media Data
3 Crowdsourced Resources Analytics Methodology
4 Data-Driven System Architecture and Implementation
4.1 System Overview and Architecture
4.2 Crowdsourced Dataset Description
4.3 System Implementation and Deployment
5 Analysis, Applications and Evaluation
5.1 Security Data Statistics and Distribution
5.2 System Implementation and Evaluation
6 Conclusion
References
Security Evaluation of Smart Contract-Based On-chain Ethereum Wallets
1 Introduction
2 Related Work
2.1 On-chain Smart Contract Wallets on Ethereum
2.2 Security Attacks on On-chain Wallet Contracts
2.3 Security Analysis Tools for Smart Contract Wallets
3 A Novel Analysis Framework
3.1 Programming Security
3.2 Ethereum Virtual Machine (EVM) Security
3.3 External Source Security
3.4 Research Workflow Using Our Framework Components
4 Evaluation and Discussion
4.1 Experiment Setups and Results
4.2 Discussion
5 Conclusion
References
EnCoD: Distinguishing Compressed and Encrypted File Fragments
1 Introduction
2 Background
2.1 Ransomware Detection
2.2 Forensics
2.3 Network Traffic Analysis
2.4 Challenges
3 Review of Existing Techniques
3.1 NIST SP800-22
3.2 2 Test
3.3 HEDGE
4 EnCoD: A Learning-Based Approach
4.1 Model Architecture #1: Binary Classifiers
4.2 Model Architecture #2: Content-Type Detector
4.3 Fragment Dataset
4.4 Dataset Analysis Methodology
5 Evaluation
5.1 Implementation
5.2 Binary Classification: All Formats
5.3 Binary Classification by Format
5.4 Format Fingerprinting
5.5 Overhead
6 Discussion of Findings
7 Related Work
7.1 Entropy-Based Encryption Detection
7.2 Non-entropy-based Approaches
8 Conclusions
A Entropy Analysis Results
References
A Weighted Voting Framework for Android App's Vetting Based on Multiple Machine Learning Models
1 Introduction
2 Preliminaries
2.1 Machine Learning Model
2.2 Android Malware's Feature Set
3 A Weighted Voting Framework Based on Multiple Machine Learning Models
3.1 Android Malware Detection Methods
3.2 Extracting Feature Set
3.3 A Weighted Voting for App's Vetting in Android
4 Experiment
4.1 Datasets
4.2 Porformance Evaluation
5 Conclusion and Future Work
References
HyperWall: A Hypervisor for Detection and Prevention of Malicious Communication
1 Introduction
2 Background
2.1 Intel Network Cards
3 Threat Model
4 Attack Module
5 Hypervisor Design
5.1 Thin Hypervisors
5.2 Hypervisor Initialization
5.3 Interception of System Calls
5.4 Interception of Network Card Accesses
6 Evaluation
6.1 Security Evaluation
6.2 Performance Evaluation
7 Related Work
8 Conclusions
References
Safety Analysis of High-Dimensional Anonymized Data from Multiple Perspectives
1 Introduction
2 Related Works
2.1 K-anonymity
2.2 Genome Privacy
2.3 Maximum-Knowledge Attack
2.4 Sensitive Attribute Disclosure
3 Preliminary
3.1 Matrix Decomposition as Anonymization
3.2 Evaluation of Utility
4 Our Method
4.1 Attacker Assumptions
4.2 Algorithm
5 Experiments
5.1 Evaluation of Utility
5.2 Evaluation of Safety
6 Discussion
6.1 Comparison of Our Method with Conventional Methods
6.2 Matrix Decomposition and Privacy
7 Conclusion
References
Defending Against Package Typosquatting
1 Introduction
2 Background
2.1 Package Repositories
2.2 Factors Contributing to Typosquatting
2.3 Historical Package Typosquatting
2.4 Consequences of Typosquatting
3 Detecting Typosquatting
3.1 TypoGard Workflow
3.2 TypoGard Batch Analysis
3.3 Typosquatting Signals
3.4 Package Popularity
4 Analysis and Evaluation
4.1 Dataset
4.2 Popularity Threshold
4.3 Typosquatting Signal Detection Rates
4.4 TypoGard Overhead
5 Discussion
5.1 Extensions and Customizations to TypoGard
5.2 Server-Side Protection Mechanisms
5.3 Defensive Typosquatting
6 Related Work
7 Conclusion
References
Graph Deep Learning Based Anomaly Detection in Ethereum Blockchain Network
1 Introduction
2 Related Works
2.1 Traditional, Non-graph Based Techniques
2.2 Graph-Based Techniques
3 Methodology
3.1 Concept of Hypersphere Based Learning
3.2 OCGNN: One Class Graph Neural Network
3.3 Variants of OCGNN
3.4 Model Optimization
4 Experiments
4.1 Raw Dataset
4.2 Feature Extraction
4.3 Ethereum Graph Data
4.4 Influence of the Hyper-parameters
5 Discussions
6 Conclusion
A OCGNN Model Training Algorithm
B Loss Curves and AUROC Curves for Different Training Sample Sizes
References
Game Theoretic Analysis of Reputation Approach on Block Withholding Attack
1 Introduction
2 Preliminaries
2.1 Bitcoin and the Underlying Blockchain
2.2 RepuCoin
2.3 Block Withholding Attack
2.4 One-Poisson-Mean-Test as a Countermeasure to Block Withholding Attack
3 Reputation Mechanisms
3.1 Reputation Generalization
3.2 Reputation-Based Reward Distribution for Pools
3.3 Reputation-Based Reward Sharing Schema Within Pools
4 Game Theoretic Analysis
4.1 Honest Strategy Utility
4.2 Block Withholding Attack Utility
4.3 Numerical Analysis
5 Discussion
6 Related Work
6.1 Reputation Concept in Blockchain
6.2 Block Withholding Attack Mitigation
7 Conclusion and Future Work
References
Identity-Based Outsider Anonymous Broadcast Encryption with Simultaneous Individual Messaging
1 Introduction
1.1 Motivating Application Scenarios
1.2 Related Work
1.3 Our Contribution
2 Preliminary Background
2.1 Asymmetric Bilinear Pairings and Hardness Assumptions
2.2 Identity-Based Outsider Anonymous Broadcast Encryption with Personalized Messages
3 Proposed IB-OAnoBEPM construction
3.1 Protocol Description
3.2 Security Analysis
4 Efficiency
5 Implementation and Evaluation
6 Conclusion
A Proof of Theorem 1
References
Compactly Committing Authenticated Encryption Using Tweakable Block Cipher
1 Introduction
2 Preliminaries
2.1 Notations
2.2 Pseudorandom Functions
2.3 Tweakable Block Ciphers
2.4 Cryptographic Hash Functions
3 Encryptment
3.1 Syntax
3.2 Security Requirement
4 Proposed Scheme
4.1 Scheme
4.2 Security
5 ccAEAD
5.1 Syntax
5.2 Security Requirement
5.3 Scheme
5.4 Security
A Proof of Lemma 2
B Proof of Theorem 5
References
Model Poisoning Defense on Federated Learning: A Validation Based Approach
1 Introduction
2 Background
2.1 Federated Learning
2.2 Model Poisoning Attack
3 Defenses Method for Model Poisoning
3.1 Model Poisoning Defense Overview
3.2 Scenario 1: The Client Is Similar in Composition
3.3 Scenario 2: Client Has only One Type of Data
3.4 Discussion on the Proposed Method
4 Experiments
4.1 Experimental Setup
4.2 Model Poisoning Attack Results
4.3 The Performance of Our Defenses Method
5 Related Work
6 Conclusions and Future Work
References
Fixing Vulnerabilities Automatically with Linters
1 Introduction
2 In a Nutshell
3 ESLint
3.1 Features
4 ESLint Rules for Fixing Vulnerabilities
4.1 Cross-Site Scripting
4.2 Security Misconfiguration
4.3 SQL Injection
5 Analysis
5.1 ESLint Strengths and Limitations
5.2 ESLint Security Plugins
5.3 ESLint Rule Guidelines
5.4 ESLint Configuration
6 Recommendations
7 Related Work
8 Conclusion
A ESLint
A.1 How ESLint Works
A.2 Rules
References
Sequential Anomaly Detection Using Feedback and Prioritized Experience Replay
1 Introduction
2 Motivation
3 Related Work
4 Proposed Methodology
4.1 Feedback
4.2 State Function
4.3 Prioritized Experience Replay
4.4 Agent
4.5 Training Framework
4.6 Testing Framework
4.7 External Sources
5 Experimental Results
5.1 Dataset Description
5.2 Proposed Model and Variants
5.3 Results
5.4 Threats to Validity
6 Conclusion and Future Work
References
A Framework of Blockchain-Based Collaborative Intrusion Detection in Software Defined Networking
1 Introduction
2 Background and Related Work
2.1 Software Defined Networking
2.2 Blockchain
2.3 Related Work
3 Our Framework
4 Evaluation
5 Conclusion
References
Evaluation of Anomaly-Based Intrusion Detection with Combined Imbalance Correction and Feature Selection
1 Introduction
2 Background on NSL-KDD Dataset
3 Imbalanced Correction and Feature Selection
3.1 Handling Imbalanced Data
3.2 Feature Selection
4 Evaluation Metrics
4.1 Performance Metrics
4.2 Sensitive Metrics
5 Evaluation and Results
5.1 Results from Imbalance Handling and Feature Selection
5.2 Specifications of Used Models
5.3 Specification of Ensemble
5.4 Effect of Imbalance Correction
5.5 Effect of Feature Selection
5.6 Effect of Imbalance Correction Combined with Feature Selection
6 Conclusion
References
AC0 Constructions of Secret Sharing Schemes – Accommodating New Parties
1 Introduction
1.1 Related Work
1.2 Our Contribution
2 Preliminaries
2.1 Secret Sharing Scheme
2.2 Error-Correcting Codes
3 Main Results and Technical Details
3.1 A Dynamic Robust Secret Sharing Scheme in AC0
3.2 Evolving Secret Sharing in AC0
4 Comparison with Existing Schemes
5 Conclusion
References
Short Papers
Multiply, Divide, and Conquer – Making Fully Decentralised Access Control a Reality
1 Introduction
2 Background
2.1 Secret Sharing
2.2 Attribute-Based Access Control
2.3 Mobile Trusted Computing
3 Multiply, Divide, and Conquer
3.1 Architecture
3.2 Data Publishing
3.3 Data Access
4 Security Characteristics
5 Implementation and Performance
5.1 Implementation Details and General System Characteristics
5.2 Benchmarks
6 Related Work
7 Conclusions
A Security Model
A.1 Assets
A.2 Security Services and Goals
A.3 Actor and Adversary Model
A.4 System Properties Providing Security Services
References
A Model Specification Implementation for Trust Negotiation
1 Introduction
2 Related Work
3 Specification of the Trust Negotiation Module
4 Implementation of the Trust Negotiation Module
4.1 The Core of Trust Negotiation
4.2 Processing Trust Negotiation
4.3 External Dependencies
5 Trust Negotiation Ride-Sharing Scenario
6 Validation of the Trust Negotiation Module
7 Conclusion
Appendix A Optimistic Strategy
Appendix B Pessimistic Strategy
Appendix C Balanced Strategy
Appendix D Improved Balanced Strategy
References
Privacy and Utility Trade-Off for Textual Analysis via Calibrated Multivariate Perturbations
1 Introduction
2 Preliminary
2.1 Centralized Privacy Protection Model
2.2 Local Privacy Protection Model
2.3 dX-privacy: Improved LDP
3 Privacy Preserving Mechanism
3.1 Notataions and Problem Definition
3.2 Mechanism Overview
3.3 Method Details
3.4 Sampling from the Noise Distribution
4 Statistics for Privacy Calibration
5 Experiment Evaluation
5.1 Experiment Setup
5.2 Experiment Results
6 Conclusion
References
PowerKey: Generating Secret Keys from Power Line Electromagnetic Interferences
1 Introduction
2 Preliminaries on Power Line EMI
3 Problem and Threat Model
3.1 Problem Statement
3.2 Threat Model
4 An In-Depth Look at High-Frequency EMI Spikes
5 The Design of PowerKey
5.1 Offline Pre-processing
5.2 Quantize Frequencies of EMI Spikes
5.3 Extract Secret Keys
6 Evaluation Methodology
7 Evaluation Results
8 Related Works
9 Conclusion
References
On the Vulnerability of Hyperdimensional Computing-Based Classifiers to Adversarial Attacks
1 Introduction
2 Preliminaries on HDC Classifiers
2.1 Random Indexing
2.2 Multiply-Add-Permute Operation
3 A HDC Classifier on MNIST Dataset
3.1 Mapping
3.2 HDC Classifier
4 Threat Model
5 A Modified Genetic Algorithm
5.1 Genetic Algorithm
5.2 Modification for Perturbation Reduction
5.3 Effect of Perturbation Reduction
6 Evaluation Results
6.1 HDC Classifier Training
6.2 Attack on HDC Classifier with RMR
6.3 Attack on HDC Classifier with FMR
7 Related Works
8 Conclusion
References
ESCAPADE: Encryption-Type-Ransomware: System Call Based Pattern Detection
1 Introduction
2 Background and Related Work
2.1 Android Security History
2.2 Ransomware
2.3 Static Analysis
2.4 Dynamic Analysis
3 Methodology
3.1 System Call Log Collection
3.2 Detection of Behavioural Patterns
3.3 Pattern Acquisition and Classification
4 Evaluation
4.1 Dataset Acquisition
4.2 Evaluation Method
4.3 Detected Patterns
4.4 Benign Applications Results
5 Conclusions
5.1 Discussion and Future Work
References
A Privacy Preserving Aggregation Scheme for Fog-Based Recommender System
1 Introduction
2 Related Work
3 Privacy Preserving Aggregation Scheme Modelling
3.1 Data Preprocessing
3.2 DP-TopN Aggregation Function
4 Evaluation and Analysis
4.1 Data Utility vs RMSE and MAE
4.2 Privacy Level vs RMSE and MAE
4.3 Privacy Preserving vs Non Privacy Preserving
4.4 Evaluation Summary
5 Conclusion and Future Work
References
The Impact of Differential Privacy on Model Fairness in Federated Learning
1 Introduction
2 Related Work
2.1 Fairness in Federated Learning
3 Preliminaries
3.1 Differential Privacy
3.2 Fairness Metrics
4 Evaluation and Analysis
4.1 Experimental Setup
4.2 Classification of the Adult Dataset
4.3 Classification of Bank Data
4.4 Classification of Clients' Default
4.5 Impact of Parameters
5 Conclusions
References
Evading Stepping-Stone Detection with Enough Chaff
1 Introduction
1.1 Background
2 Data Generation Setting
2.1 Containerisation
2.2 Simulating Stepping Stones with SSH-Tunnels and Docker
2.3 Evasive Tactics
3 Evaluation Data
3.1 Stepping-Stone Data
3.2 Benign Data
3.3 Evaluation Methodology
4 Selected SSD Methods and Implementation
5 Results
5.1 Data Without Evasion Tactics
5.2 Delays
5.3 Chaff
5.4 Summary
6 Related Work
6.1 Testbeds and Data
7 Conclusion
A False Positives
B Influence of Chain Length
C Influence of Network Settings
References
Author Index