Arash Bozorgchenani, Charilaos C. Zarakovitis, S. Chien, Heng-Siong Lim, Q. Ni, Antonios Gouglidis, Wissam Mallouli
The advent of 5G technology introduces new - and potentially undiscovered - cybersecurity challenges, with unforeseen impacts on our economy, society, and environment. Interestingly, Intrusion Detection Mechanisms (IDMs) can provide the necessary network monitoring to ensure - to a big extent - the detection of 5G-related cyberattacks. Yet, how to realize the attack surface of 5G networks with respect to the detected risks, and, consequently, how to optimize the cybersecurity levels of the network, remains an open critical challenge. In respect, this work focuses on deploying multiple distributed Security Agents (SAs) that can run different IDMs over various network components and proposes a cybersecurity mechanism for optimizing the network’s attack surface with respect to the Quality of Service (QoS). The proposed approach relies on a new closed-form utility function to describe the trade-off between cybersecurity and QoS and uses multi-objective optimization to improve the selection of each SA detection level. We demonstrate via simulations that before optimization, an increase in the detection level of SAs brings a direct decrease in QoS as more computational, bandwidth and monetary resources are utilized for IDM processing. Thereby, after optimization, we demonstrate that our mechanism can strike a balance between cybersecurity and QoS while showcasing the impact of the importance of different objectives of the joint optimization.
{"title":"Joint Security-vs-QoS Framework: Optimizing the Selection of Intrusion Detection Mechanisms in 5G networks","authors":"Arash Bozorgchenani, Charilaos C. Zarakovitis, S. Chien, Heng-Siong Lim, Q. Ni, Antonios Gouglidis, Wissam Mallouli","doi":"10.1145/3538969.3544480","DOIUrl":"https://doi.org/10.1145/3538969.3544480","url":null,"abstract":"The advent of 5G technology introduces new - and potentially undiscovered - cybersecurity challenges, with unforeseen impacts on our economy, society, and environment. Interestingly, Intrusion Detection Mechanisms (IDMs) can provide the necessary network monitoring to ensure - to a big extent - the detection of 5G-related cyberattacks. Yet, how to realize the attack surface of 5G networks with respect to the detected risks, and, consequently, how to optimize the cybersecurity levels of the network, remains an open critical challenge. In respect, this work focuses on deploying multiple distributed Security Agents (SAs) that can run different IDMs over various network components and proposes a cybersecurity mechanism for optimizing the network’s attack surface with respect to the Quality of Service (QoS). The proposed approach relies on a new closed-form utility function to describe the trade-off between cybersecurity and QoS and uses multi-objective optimization to improve the selection of each SA detection level. We demonstrate via simulations that before optimization, an increase in the detection level of SAs brings a direct decrease in QoS as more computational, bandwidth and monetary resources are utilized for IDM processing. Thereby, after optimization, we demonstrate that our mechanism can strike a balance between cybersecurity and QoS while showcasing the impact of the importance of different objectives of the joint optimization.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124693534","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Christian Oliva, Ignacio Palacio Marín, L. F. Lago-Fernández, David Arroyo
In this article we address the challenge of detecting the generation and spreading of misleading information in the specific scenario of clickbait. Our contribution consists of a methodology that combines a deep neural network and an information divergence measure to overcome the limitations of deep learning techniques in this scenario. This analysis is conducted by considering a clickbait challenge dataset. We realise that the construction of the dataset used to study this kind of problems dramatically affects the performance of the model and, thus, its selection. Since clickbait is a result of the inconsistency between headlines and content, we integrate a divergence measure as a layer of a deep learning model. The resulting model overcomes the limitations of conventional machine learning and deep learning models in clickbait detection.
{"title":"Rumor and clickbait detection by combining information divergence measures and deep learning techniques","authors":"Christian Oliva, Ignacio Palacio Marín, L. F. Lago-Fernández, David Arroyo","doi":"10.1145/3538969.3543791","DOIUrl":"https://doi.org/10.1145/3538969.3543791","url":null,"abstract":"In this article we address the challenge of detecting the generation and spreading of misleading information in the specific scenario of clickbait. Our contribution consists of a methodology that combines a deep neural network and an information divergence measure to overcome the limitations of deep learning techniques in this scenario. This analysis is conducted by considering a clickbait challenge dataset. We realise that the construction of the dataset used to study this kind of problems dramatically affects the performance of the model and, thus, its selection. Since clickbait is a result of the inconsistency between headlines and content, we integrate a divergence measure as a layer of a deep learning model. The resulting model overcomes the limitations of conventional machine learning and deep learning models in clickbait detection.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"128605785","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The increase in the number of Internet users has also led to an increase in activities leading to a cyber threat and fraud intelligence. These activities include the use of the Dark Web for coordination and virtual currencies for funding. This article will present the main methods of cyber-attacks and crimes used nowadays, and how they can be prevented by using tools specialized in monitoring transactions with virtual currencies and detecting web pages that pose a threat to users. The tools that will be described in this article are Graphsense used to analyze virtual currency activities and SpiderFoot used to identify Cyber Threat, Attack Surfaces, Security Assessments and Asset Discovery.
{"title":"Fraudulent Activities in the Cyber Realm: DEFRAUDify Project: Fraudulent Activities in the Cyber Realm: DEFRAUDify Project","authors":"Razvan-Alexandru Bratulescu, Robert-Ionut Vatasoiu, Sorina-Andreea Mitroi, G. Suciu, Mari-Anais Sachian, Daniel-Marian Dutu, Serban-Emanuel Calescu","doi":"10.1145/3538969.3544434","DOIUrl":"https://doi.org/10.1145/3538969.3544434","url":null,"abstract":"The increase in the number of Internet users has also led to an increase in activities leading to a cyber threat and fraud intelligence. These activities include the use of the Dark Web for coordination and virtual currencies for funding. This article will present the main methods of cyber-attacks and crimes used nowadays, and how they can be prevented by using tools specialized in monitoring transactions with virtual currencies and detecting web pages that pose a threat to users. The tools that will be described in this article are Graphsense used to analyze virtual currency activities and SpiderFoot used to identify Cyber Threat, Attack Surfaces, Security Assessments and Asset Discovery.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130843696","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Security incidents in blockchain-based systems are frequent nowadays, which calls for more structured efforts in incident reporting and response. To improve the current status quo of reporting incidents on blogs and social media, we propose a decentralized incident reporting and discussion system. Our approach guides users (security novices) towards a classification of their observations using a tiered taxonomy of blockchain incidents. Questions based on previous incidents interactively support the classification. Post submission a security incident response committee then discusses these observations on our decentralized platform to decide on an appropriate response. For evaluation, we implement our model as a decentralized application and demonstrate its practical suitability in a preliminary user study.
{"title":"BISCUIT - Blockchain Security Incident Reporting based on Human Observations","authors":"B. Putz, Manfred Vielberth, G. Pernul","doi":"10.1145/3538969.3538984","DOIUrl":"https://doi.org/10.1145/3538969.3538984","url":null,"abstract":"Security incidents in blockchain-based systems are frequent nowadays, which calls for more structured efforts in incident reporting and response. To improve the current status quo of reporting incidents on blogs and social media, we propose a decentralized incident reporting and discussion system. Our approach guides users (security novices) towards a classification of their observations using a tiered taxonomy of blockchain incidents. Questions based on previous incidents interactively support the classification. Post submission a security incident response committee then discusses these observations on our decentralized platform to decide on an appropriate response. For evaluation, we implement our model as a decentralized application and demonstrate its practical suitability in a preliminary user study.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122327719","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Giovanni Ciaramella, Giacomo Iadarola, F. Mercaldo, Marco Storto, A. Santone, Fabio Martinelli
Mobile malware are increasing their complexity to be able to evade the current detection mechanism by gathering our sensitive and private information. For this reason, an active research field is represented by malware detection, with a great effort in the development of deep learning models starting from a set of malicious and legitimate applications. The recent introduction of quantum computing made possible quantum machine learning i.e., the integration of quantum algorithms within machine learning algorithms. In this paper, we propose a comparison between several deep learning models, by taking into account also a hybrid quantum malware detector. We explore the effectiveness of different architectures for malicious family detection in the Android environment: LeNet, AlexNet, a Convolutional Neural Network model designed by authors, VGG16 and a Hybrid Quantum Convolutional Neural Network i.e., a model where the first layer is a quantum convolution that uses transformations in circuits to simulate the behavior of a quantum computer. Experiments performed on a real-world dataset composed of 8446 Android malicious and legitimate applications allow us to compare the various models, with particular regard to the quantum model concerning the other ones.
{"title":"Introducing Quantum Computing in Mobile Malware Detection","authors":"Giovanni Ciaramella, Giacomo Iadarola, F. Mercaldo, Marco Storto, A. Santone, Fabio Martinelli","doi":"10.1145/3538969.3543816","DOIUrl":"https://doi.org/10.1145/3538969.3543816","url":null,"abstract":"Mobile malware are increasing their complexity to be able to evade the current detection mechanism by gathering our sensitive and private information. For this reason, an active research field is represented by malware detection, with a great effort in the development of deep learning models starting from a set of malicious and legitimate applications. The recent introduction of quantum computing made possible quantum machine learning i.e., the integration of quantum algorithms within machine learning algorithms. In this paper, we propose a comparison between several deep learning models, by taking into account also a hybrid quantum malware detector. We explore the effectiveness of different architectures for malicious family detection in the Android environment: LeNet, AlexNet, a Convolutional Neural Network model designed by authors, VGG16 and a Hybrid Quantum Convolutional Neural Network i.e., a model where the first layer is a quantum convolution that uses transformations in circuits to simulate the behavior of a quantum computer. Experiments performed on a real-world dataset composed of 8446 Android malicious and legitimate applications allow us to compare the various models, with particular regard to the quantum model concerning the other ones.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121501655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Georgios Agrafiotis, Eftychia Makri, Ioannis Flionis, Antonios Lalas, K. Votis, D. Tzovaras
Traffic categorization is considered of paramount importance in the network security sector, as well as the first stage in network anomaly detection, or in a network-based intrusion detection system (IDS). This paper introduces an artificial intelligence (AI) network traffic classification pipeline, including the employment of state-of-the-art image-based neural network models, namely Vision Transformers (ViT) and Convolutional Neural Networks (CNN), whereas the primary element of this pipeline is the transformation of raw traffic data into grayscale pictures introducing a properly developed IDS-Vision Toolkit as well. This approach extracts characteristics from network traffic data without requiring domain expertise and could be easily adapted to new network protocols and technologies (i.e. 5G). Furthermore, the proposed method was tested on the CIC-IDS-2017 dataset and compared to a well-known feature extraction strategy on the same dataset. Finally, it surpasses all suggested binary classification algorithms for the CIC-IDS-2017 dataset to the best of our knowledge, paving the path for further exploitation in the 5G domain to successfully address related cybersecurity challenges.
{"title":"Image-based Neural Network Models for Malware Traffic Classification using PCAP to Picture Conversion","authors":"Georgios Agrafiotis, Eftychia Makri, Ioannis Flionis, Antonios Lalas, K. Votis, D. Tzovaras","doi":"10.1145/3538969.3544473","DOIUrl":"https://doi.org/10.1145/3538969.3544473","url":null,"abstract":"Traffic categorization is considered of paramount importance in the network security sector, as well as the first stage in network anomaly detection, or in a network-based intrusion detection system (IDS). This paper introduces an artificial intelligence (AI) network traffic classification pipeline, including the employment of state-of-the-art image-based neural network models, namely Vision Transformers (ViT) and Convolutional Neural Networks (CNN), whereas the primary element of this pipeline is the transformation of raw traffic data into grayscale pictures introducing a properly developed IDS-Vision Toolkit as well. This approach extracts characteristics from network traffic data without requiring domain expertise and could be easily adapted to new network protocols and technologies (i.e. 5G). Furthermore, the proposed method was tested on the CIC-IDS-2017 dataset and compared to a well-known feature extraction strategy on the same dataset. Finally, it surpasses all suggested binary classification algorithms for the CIC-IDS-2017 dataset to the best of our knowledge, paving the path for further exploitation in the 5G domain to successfully address related cybersecurity challenges.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131469899","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
The evolution of Information and Communications Technology and Cloud Computing, combined with the advent of novel telecommunication frameworks such as 5G, have introduced the notion of ubiquitous connectivity combined with a seemingly vast pool of resources, storage and services. This immense transformation introduced new types of security threats mostly due to the significant increase of the attack surface, which can now be compromised by malicious users. Despite the fact that malicious attacks constantly become more and more sophisticated, SMEs and public administrations remain reluctant to invest in cybersecurity since they operate on a limited budget and are mostly focused in time to market and cost minimization. The purpose of this book chapter is to provide an overview on how the most common network-related cybersecurity attacks are orchestrated, which are the systems and services they affect the most as well as present specific design principles and guidelines for crafting platforms and frameworks capable of mitigating such attacks and ensure a certain level of secure operation.
{"title":"Improving Network, Data and Application Security for SMEs","authors":"C. Tselios, Ilias Politis, C.K. Xenakis","doi":"10.1145/3538969.3544426","DOIUrl":"https://doi.org/10.1145/3538969.3544426","url":null,"abstract":"The evolution of Information and Communications Technology and Cloud Computing, combined with the advent of novel telecommunication frameworks such as 5G, have introduced the notion of ubiquitous connectivity combined with a seemingly vast pool of resources, storage and services. This immense transformation introduced new types of security threats mostly due to the significant increase of the attack surface, which can now be compromised by malicious users. Despite the fact that malicious attacks constantly become more and more sophisticated, SMEs and public administrations remain reluctant to invest in cybersecurity since they operate on a limited budget and are mostly focused in time to market and cost minimization. The purpose of this book chapter is to provide an overview on how the most common network-related cybersecurity attacks are orchestrated, which are the systems and services they affect the most as well as present specific design principles and guidelines for crafting platforms and frameworks capable of mitigating such attacks and ensure a certain level of secure operation.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131594601","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Mandana Falahi, A. Vasilățeanu, N. Goga, G. Suciu, Mari-Anais Sachian, Robert Florescu, Ștefan-Daniel Stanciu
In the current industrial century, smart grid is one of the technologies that has been proposed for efficient and quality distribution of electricity. However, this technology is exposed to many security threats and vulnerabilities. These challenges have led to the development of advanced technologies and sustainable solutions to make smart grids more secure and reliable. Blockchain is one of the recent technologies that has attracted a lot of attention in various applications, including smart grids. SealedGRID is a project designed, analyzed and implemented with the aim of providing a scalable and reliable Smart Grid security platform based on blockchain. In this paper, we present a scalable and secure solution for smart grids using Hyperledger Fabric and MQTT.
{"title":"Improving Security and Scalability in Smart Grids using Blockchain Technologies","authors":"Mandana Falahi, A. Vasilățeanu, N. Goga, G. Suciu, Mari-Anais Sachian, Robert Florescu, Ștefan-Daniel Stanciu","doi":"10.1145/3538969.3544441","DOIUrl":"https://doi.org/10.1145/3538969.3544441","url":null,"abstract":"In the current industrial century, smart grid is one of the technologies that has been proposed for efficient and quality distribution of electricity. However, this technology is exposed to many security threats and vulnerabilities. These challenges have led to the development of advanced technologies and sustainable solutions to make smart grids more secure and reliable. Blockchain is one of the recent technologies that has attracted a lot of attention in various applications, including smart grids. SealedGRID is a project designed, analyzed and implemented with the aim of providing a scalable and reliable Smart Grid security platform based on blockchain. In this paper, we present a scalable and secure solution for smart grids using Hyperledger Fabric and MQTT.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"132800298","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Vaia-Maria Angeli, Ahmad Atamli-Reineh, Erisa Karafili
The Tor browser is a popular tool that is used by many users around the world. The browser is common among cyber criminals who use the tool to hide their activities. Until now, little research has been conducted by forensics researchers on the Tor browser, its application, and the data that can be obtained from the artefacts generated from its execution. In this work, we present a forensics analysis of the footprint left by the Tor application in the Windows environment. Our analysis focuses on three critical areas that are examined: network, memory, and hard disk. We provide a methodology that allows a structured forensic investigation. In this work, we examine multiple tools’ abilities in obtaining artefacts. The artefacts were identified not only when the Tor browser was running, but also when it was closed and uninstalled. We provide a methodology to analyse Tor applications with a focused case study of the Tor browser, allowing investigators to analyse Tor browsers and reproduce our results.
{"title":"Forensic analysis of Tor in Windows environment: A case study","authors":"Vaia-Maria Angeli, Ahmad Atamli-Reineh, Erisa Karafili","doi":"10.1145/3538969.3543808","DOIUrl":"https://doi.org/10.1145/3538969.3543808","url":null,"abstract":"The Tor browser is a popular tool that is used by many users around the world. The browser is common among cyber criminals who use the tool to hide their activities. Until now, little research has been conducted by forensics researchers on the Tor browser, its application, and the data that can be obtained from the artefacts generated from its execution. In this work, we present a forensics analysis of the footprint left by the Tor application in the Windows environment. Our analysis focuses on three critical areas that are examined: network, memory, and hard disk. We provide a methodology that allows a structured forensic investigation. In this work, we examine multiple tools’ abilities in obtaining artefacts. The artefacts were identified not only when the Tor browser was running, but also when it was closed and uninstalled. We provide a methodology to analyse Tor applications with a focused case study of the Tor browser, allowing investigators to analyse Tor browsers and reproduce our results.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115049397","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Software developers use web application vulnerability scanners to automatically identify security weaknesses in their web applications. The scanners inspect source code or analyze the running application, and look for specific vulnerability types. While it can be expected that a scanner will not discover every vulnerability, no information is available on the expected efficacy of currently available vulnerability scanners for a given vulnerability type. We present an analysis of 24 web vulnerability scanners and determine their effectiveness on 11 vulnerability types. Our study offers insights into the trade-offs when selecting a specific type of scanner. We show that for some vulnerability types, most vulnerability scanners perform poorly.
{"title":"A Quantitative Assessment of the Detection Performance of Web Vulnerability Scanners","authors":"Emma Lavens, Pieter Philippaerts, W. Joosen","doi":"10.1145/3538969.3544416","DOIUrl":"https://doi.org/10.1145/3538969.3544416","url":null,"abstract":"Software developers use web application vulnerability scanners to automatically identify security weaknesses in their web applications. The scanners inspect source code or analyze the running application, and look for specific vulnerability types. While it can be expected that a scanner will not discover every vulnerability, no information is available on the expected efficacy of currently available vulnerability scanners for a given vulnerability type. We present an analysis of 24 web vulnerability scanners and determine their effectiveness on 11 vulnerability types. Our study offers insights into the trade-offs when selecting a specific type of scanner. We show that for some vulnerability types, most vulnerability scanners perform poorly.","PeriodicalId":306813,"journal":{"name":"Proceedings of the 17th International Conference on Availability, Reliability and Security","volume":null,"pages":null},"PeriodicalIF":0.0,"publicationDate":"2022-08-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115085427","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}