Computers & Security最新文献_第7页

RTFuzz: Fuzzing browsers via efficient render tree mutation RTFuzz：通过有效的渲染树变异来模糊浏览器

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-14 DOI: 10.1016/j.cose.2025.104756

Yishun Zeng, Yue Wu, Xicheng Lu, Chao Zhang

The rendering engine is a cornerstone of modern web browsers, responsible for transforming heterogeneous inputs-HTML, CSS, and JavaScript-into visual page content. This complex process involves constructing and updating the render tree, which governs layout and painting, but also introduces subtle defects that manifest as robustness and security challenges. Existing browser fuzzers largely fall short in thoroughly testing the rendering engine due to two fundamental challenges: (i) the vast, multidimensional input space makes efficient exploration difficult; (ii) the periodic, incremental rendering model of modern rendering engines merges multiple updates of the render tree within each rendering cycle, reducing activation of deep pipeline logic such as layout and painting. In this paper, we aim to enhance the testing depth of the rendering pipeline-rather than simply increasing code coverage-by focusing on updating the render tree, the central data structure linking frontend inputs to backend layout and painting modules. Our approach incorporates (i) correlation-based pruning strategies for HTML elements and CSS properties to prioritize high-yield input combinations, and (ii) a time-sliced testing scheme that intentionally distributes mutations across multiple rendering cycles within a single test case, thereby increasing the trigger frequency of backend rendering modules. We implement a prototype, RTFuzz, and evaluate it extensively. Compared to state-of-the-art fuzzers Domato, FreeDom, and Minerva, RTFuzz helps uncover 43.1 %, 28.7 %, and 75.7 % more unique crashes, 83.3 % of which occur in the rendering pipeline, and further identified 20 real-world defects during long-running experiments. Ablation studies confirm that correlation-based pruning increases unique crashes by 79.2 %, and the time-sliced scheme contributes a 16.2 % improvement.

渲染引擎是现代web浏览器的基石，负责将异构输入（html、CSS和javascript）转换为可视化页面内容。这个复杂的过程包括构造和更新渲染树，它管理布局和绘制，但也引入了一些微妙的缺陷，表现为健壮性和安全性挑战。现有的浏览器模糊测试工具在对渲染引擎进行彻底测试方面存在两个基本挑战：(1)巨大的多维输入空间使得有效的探索变得困难；（ii）现代渲染引擎的周期性增量渲染模型在每个渲染周期内合并了渲染树的多次更新，减少了深层管道逻辑（如布局和绘画）的激活。在本文中，我们的目标是增强渲染管道的测试深度-而不是简单地增加代码覆盖率-通过专注于更新渲染树，连接前端输入到后端布局和绘画模块的中心数据结构。我们的方法包含(i)基于相关性的HTML元素和CSS属性修剪策略，以优先考虑高产输入组合，以及（ii）时间切片测试方案，在单个测试用例中故意将突变分布在多个呈现周期中，从而增加后端呈现模块的触发频率。我们实现了一个原型RTFuzz，并对其进行了广泛的评估。与最先进的fuzzers Domato， FreeDom和Minerva相比，RTFuzz帮助发现43.1%，28.7%和75.7%的独特崩溃，其中83.3%发生在渲染管道中，并在长期运行的实验中进一步确定了20个现实世界的缺陷。消融研究证实，基于相关性的剪枝使唯一崩溃增加了79.2%，而时间切片方案贡献了16.2%的改进。

{"title":"RTFuzz: Fuzzing browsers via efficient render tree mutation","authors":"Yishun Zeng, Yue Wu, Xicheng Lu, Chao Zhang","doi":"10.1016/j.cose.2025.104756","DOIUrl":"10.1016/j.cose.2025.104756","url":null,"abstract":"<div><div>The rendering engine is a cornerstone of modern web browsers, responsible for transforming heterogeneous inputs-HTML, CSS, and JavaScript-into visual page content. This complex process involves constructing and updating the render tree, which governs layout and painting, but also introduces subtle defects that manifest as robustness and security challenges. Existing browser fuzzers largely fall short in thoroughly testing the rendering engine due to two fundamental challenges: (i) the vast, multidimensional input space makes efficient exploration difficult; (ii) the periodic, incremental rendering model of modern rendering engines merges multiple updates of the render tree within each rendering cycle, reducing activation of deep pipeline logic such as layout and painting. In this paper, we aim to enhance the testing depth of the rendering pipeline-rather than simply increasing code coverage-by focusing on updating the render tree, the central data structure linking frontend inputs to backend layout and painting modules. Our approach incorporates (i) correlation-based pruning strategies for HTML elements and CSS properties to prioritize high-yield input combinations, and (ii) a time-sliced testing scheme that intentionally distributes mutations across multiple rendering cycles within a single test case, thereby increasing the trigger frequency of backend rendering modules. We implement a prototype, RTFuzz, and evaluate it extensively. Compared to state-of-the-art fuzzers Domato, FreeDom, and Minerva, RTFuzz helps uncover 43.1 %, 28.7 %, and 75.7 % more unique crashes, 83.3 % of which occur in the rendering pipeline, and further identified 20 real-world defects during long-running experiments. Ablation studies confirm that correlation-based pruning increases unique crashes by 79.2 %, and the time-sliced scheme contributes a 16.2 % improvement.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104756"},"PeriodicalIF":5.4,"publicationDate":"2025-11-14","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624649","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Developing ethical principle awareness and reasoning in a cybersecurity context: Enhancing user understanding using ripple down rules 在网络安全环境中发展道德原则意识和推理：使用涟漪规则增强用户理解

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-13 DOI: 10.1016/j.cose.2025.104761

Amal Abdulrahman , Deborah Richards , Ayse Aysin Bilgin , Paul Formosa

Cybersecurity breaches are often attributed to human behaviour, where individuals fail to integrate ethical principles in their decision-making. This empirical study investigates the effectiveness of the Ripple Down Rules (RDR) method, a knowledge acquisition and representation method, in enhancing ethical awareness and reasoning in cybersecurity contexts. The proposed approach combines rule-based reasoning, case-based learning, reflection, and situated cognition to bridge the gap between ethical knowledge and action by systematically connecting scenario elements to ethical principles. Participants, recruited from a cohort of first-year psychology students, were exposed to training incorporating five ethical principles—Beneficence, Non-Maleficence, Justice, Autonomy, and Explicability—applied to realistic cybersecurity scenarios. The study employed a randomised controlled design with two treatment and one control groups, using pre- and post-study assessments to evaluate improvements in ethical principle identification and reasoning. Participants rated RDR as a clear and helpful tool for understanding ethical reasoning, with sensibility and helpfulness scores ranging from moderate to high. Results demonstrate that RDR training significantly improved participants' ability to identify ethical principles compared to learning without RDR, particularly for principles like autonomy and explicability. However, challenges persisted in distinguishing overlapping principles, such as beneficence and non-maleficence. Implications and guidance for use of RDR for ethics training are discussed.

网络安全漏洞通常被归咎于人类行为，即个人未能将道德原则纳入决策。本实证研究探讨了涟漪规则（RDR）方法（一种知识获取和表示方法）在增强网络安全背景下的道德意识和推理方面的有效性。该方法结合了基于规则的推理、基于案例的学习、反思和情境认知，通过系统地将情景元素与伦理原则联系起来，弥合了伦理知识与行动之间的差距。参与者是从一群一年级心理学学生中招募的，他们接受了五项道德原则的培训，这五项道德原则是“善”、“无害”、“公正”、“自主”和“可解释性”，这些原则应用于现实的网络安全场景。该研究采用随机对照设计，有两个治疗组和一个对照组，使用研究前和研究后评估来评估伦理原则识别和推理的改进。参与者认为RDR是理解道德推理的一个清晰而有用的工具，其敏感性和帮助性得分从中等到高不等。结果表明，与没有进行RDR的学习相比，RDR训练显著提高了参与者识别道德原则的能力，特别是在自主性和可解释性等原则方面。然而，在区分重叠原则（如行善和无害）方面仍然存在挑战。讨论了在道德培训中使用RDR的含义和指导。

{"title":"Developing ethical principle awareness and reasoning in a cybersecurity context: Enhancing user understanding using ripple down rules","authors":"Amal Abdulrahman , Deborah Richards , Ayse Aysin Bilgin , Paul Formosa","doi":"10.1016/j.cose.2025.104761","DOIUrl":"10.1016/j.cose.2025.104761","url":null,"abstract":"<div><div>Cybersecurity breaches are often attributed to human behaviour, where individuals fail to integrate ethical principles in their decision-making. This empirical study investigates the effectiveness of the Ripple Down Rules (RDR) method, a knowledge acquisition and representation method, in enhancing ethical awareness and reasoning in cybersecurity contexts. The proposed approach combines rule-based reasoning, case-based learning, reflection, and situated cognition to bridge the gap between ethical knowledge and action by systematically connecting scenario elements to ethical principles. Participants, recruited from a cohort of first-year psychology students, were exposed to training incorporating five ethical principles—Beneficence, Non-Maleficence, Justice, Autonomy, and Explicability—applied to realistic cybersecurity scenarios. The study employed a randomised controlled design with two treatment and one control groups, using pre- and post-study assessments to evaluate improvements in ethical principle identification and reasoning. Participants rated RDR as a clear and helpful tool for understanding ethical reasoning, with sensibility and helpfulness scores ranging from moderate to high. Results demonstrate that RDR training significantly improved participants' ability to identify ethical principles compared to learning without RDR, particularly for principles like autonomy and explicability. However, challenges persisted in distinguishing overlapping principles, such as beneficence and non-maleficence. Implications and guidance for use of RDR for ethics training are discussed.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104761"},"PeriodicalIF":5.4,"publicationDate":"2025-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145579997","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Plug and prey: Exploiting design flaws to hijack EV charging stations 即插即用：利用设计缺陷劫持电动汽车充电站

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-13 DOI: 10.1016/j.cose.2025.104759

Mohammad Ali Sayed , Khaled Sarieddine , Rinith Reghunath , Chadi Assi, Mourad Debbabi

Electric Vehicles (EVs) have become a major element in the global push to combat climate change, given their ability to reduce the transportation sector’s emissions. To support the increasing number of EVs on the road, EV Charging Stations (EVCSs) are being deployed and have become a core element of the transportation infrastructure. EVCSs with individual web portals have been widely studied and proven to be vulnerable to network-based attacks. On the other hand, EVCSs that do not host web portals and cannot be accessed remotely are considered more secure. These EVCSs are generally considered to be more secure and have been overlooked in previous studies. Consequently, in this work, we present the first attack framework that exploits design flaws in this type of EVCS to hijack their operation. Our tests were performed on six actual EVCSs that follow the deployment strategy commonly preferred in North America by most operators and a few operators in Europe. We demonstrate how adversaries can successfully exploit the discussed vulnerabilities to gain unauthorized access to the EVCS configuration and acquire administrator privileges. We then proceed to craft multiple attacks to affect the power grid, steal money, or deteriorate EVCS availability.

电动汽车（ev）已经成为全球应对气候变化的主要因素，因为它们能够减少交通部门的排放。为了支持道路上越来越多的电动汽车，电动汽车充电站（evcs）正在部署，并已成为交通基础设施的核心要素。具有单个web门户的evcs已被广泛研究，并被证明容易受到基于网络的攻击。另一方面，不承载web门户并且不能远程访问的evcs被认为更安全。这些evcs通常被认为更安全，但在以前的研究中被忽视了。因此，在这项工作中，我们提出了第一个攻击框架，利用这种类型的EVCS的设计缺陷来劫持它们的操作。我们在六个实际的evcs上进行了测试，这些evcs遵循北美大多数运营商和欧洲少数运营商普遍采用的部署策略。我们演示了攻击者如何成功利用所讨论的漏洞来获得对EVCS配置的未经授权访问并获得管理员权限。然后我们继续制造多个攻击来影响电网，窃取资金，或者破坏EVCS的可用性。

{"title":"Plug and prey: Exploiting design flaws to hijack EV charging stations","authors":"Mohammad Ali Sayed , Khaled Sarieddine , Rinith Reghunath , Chadi Assi, Mourad Debbabi","doi":"10.1016/j.cose.2025.104759","DOIUrl":"10.1016/j.cose.2025.104759","url":null,"abstract":"<div><div>Electric Vehicles (EVs) have become a major element in the global push to combat climate change, given their ability to reduce the transportation sector’s emissions. To support the increasing number of EVs on the road, EV Charging Stations (EVCSs) are being deployed and have become a core element of the transportation infrastructure. EVCSs with individual web portals have been widely studied and proven to be vulnerable to network-based attacks. On the other hand, EVCSs that do not host web portals and cannot be accessed remotely are considered more secure. These EVCSs are generally considered to be more secure and have been overlooked in previous studies. Consequently, in this work, we present the first attack framework that exploits design flaws in this type of EVCS to hijack their operation. Our tests were performed on six actual EVCSs that follow the deployment strategy commonly preferred in North America by most operators and a few operators in Europe. We demonstrate how adversaries can successfully exploit the discussed vulnerabilities to gain unauthorized access to the EVCS configuration and acquire administrator privileges. We then proceed to craft multiple attacks to affect the power grid, steal money, or deteriorate EVCS availability.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104759"},"PeriodicalIF":5.4,"publicationDate":"2025-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624652","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Internet of cybersecurity things in the third decade of the 21st century: A forward vision 21世纪第三个十年的网络安全物联网：前瞻

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-13 DOI: 10.1016/j.cose.2025.104747

Marianna Rezk , Hassan Harb , Ismail Bennis , Sebastien Bindel , Abdelhafid Abouaissa

Recently, integrating Artificial Intelligence (AI) into the Internet of Things (IoT) networks had led to a revolution in cybersecurity-based applications. It secures the interconnected devices in such networks and detecting various types of attacks. Thus, we are witnessing the rise of a new network generation called the Internet of Cybersecurity Things (IoCT). Particularly, this study explores the evolution of IoCT networks in the last century, while examining their pivotal role in securing smart cities applications. Firstly, this study focuses various IoCT applications and provides a comprehensive review of recent AI-based techniques and approaches proposed to overcome challenges raised in IoCTs. Then, we propose a multi-layer architecture for safeguarding IoT devices and networks from unauthorized access, intrusions and data breaches. The architecture is mainly based on AI, edge/fog computing and knowledge distillation, and consists of five layers: perception, network, edge/fog, detection, and decision. Then, we provide an overview of various benchmark datasets used in the validation process to help realize the new architecture. For efficiency validation, we provide a performance analysis of nowadays IoCT systems; some existing techniques have been selected for testing and comparison according to a set of criteria. Finally, the results of the comparative study are anticipated to direct future research paths and assist in developing secure mechanisms tailored for the evolving landscape of the Internet of Cloud Things (IoCT).

最近，将人工智能（AI）集成到物联网（IoT）网络中导致了基于网络安全的应用的革命。保护网络中互联设备的安全，检测各种类型的攻击。因此，我们正在见证被称为网络安全物联网（icoct）的新一代网络的兴起。特别地，本研究探讨了icc网络在上个世纪的演变，同时研究了它们在保护智慧城市应用中的关键作用。首先，本研究关注了各种人工智能技术的应用，并全面回顾了最近提出的基于人工智能的技术和方法，以克服人工智能技术中提出的挑战。然后，我们提出了一个多层架构，以保护物联网设备和网络免受未经授权的访问，入侵和数据泄露。该体系结构主要基于人工智能、边缘/雾计算和知识蒸馏，由感知、网络、边缘/雾、检测和决策五层组成。然后，我们概述了验证过程中使用的各种基准数据集，以帮助实现新架构。为了验证效率，我们提供了当今IoCT系统的性能分析；根据一套标准，选择了一些现有的技术进行测试和比较。最后，比较研究的结果有望指导未来的研究路径，并协助开发适合云物联网（icoct）不断发展的安全机制。

{"title":"Internet of cybersecurity things in the third decade of the 21st century: A forward vision","authors":"Marianna Rezk , Hassan Harb , Ismail Bennis , Sebastien Bindel , Abdelhafid Abouaissa","doi":"10.1016/j.cose.2025.104747","DOIUrl":"10.1016/j.cose.2025.104747","url":null,"abstract":"<div><div>Recently, integrating Artificial Intelligence (AI) into the Internet of Things (IoT) networks had led to a revolution in cybersecurity-based applications. It secures the interconnected devices in such networks and detecting various types of attacks. Thus, we are witnessing the rise of a new network generation called the Internet of Cybersecurity Things (IoCT). Particularly, this study explores the evolution of IoCT networks in the last century, while examining their pivotal role in securing smart cities applications. Firstly, this study focuses various IoCT applications and provides a comprehensive review of recent AI-based techniques and approaches proposed to overcome challenges raised in IoCTs. Then, we propose a multi-layer architecture for safeguarding IoT devices and networks from unauthorized access, intrusions and data breaches. The architecture is mainly based on AI, edge/fog computing and knowledge distillation, and consists of five layers: perception, network, edge/fog, detection, and decision. Then, we provide an overview of various benchmark datasets used in the validation process to help realize the new architecture. For efficiency validation, we provide a performance analysis of nowadays IoCT systems; some existing techniques have been selected for testing and comparison according to a set of criteria. Finally, the results of the comparative study are anticipated to direct future research paths and assist in developing secure mechanisms tailored for the evolving landscape of the Internet of Cloud Things (IoCT).</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104747"},"PeriodicalIF":5.4,"publicationDate":"2025-11-13","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145624655","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Fuzz4Cuda: Fuzzing your NVIDIA GPU libraries through debug interface Fuzz4Cuda：通过调试接口模糊你的NVIDIA GPU库

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-12 DOI: 10.1016/j.cose.2025.104754

Yuhao Zhou, Peng Jia, Jiayong Liu, Ximing Fan

The programming security of Compute Unified Device Architecture (CUDA), NVIDIA’s parallel computing platform and programming model for Graphics Processing Unit, has always been a significant concern. On the host-side, fuzzing has been remarkably successful at uncovering various software bugs and vulnerabilities, with hundreds of flaws discovered annually through different fuzzing tools. However, existing fuzzing tools typically operate on general-purpose CPU architectures and embedded systems. As an independent processing unit, the GPU does not support tools like American Fuzzy Lop for collecting instrumentation and code coverage information. Consequently, grey-box fuzzing for closed-source graphics and driver libraries has remained an unaddressed challenge. This research introduces Fuzz4Cuda, CUDA-focused GPU fuzzing framework specifically designed for GPU libraries. To enhance device-side coverage collection, Fuzz4Cuda achieved this by runtime analysis of CUDA Streaming Assembler. Furthermore, the framework could dynamically adjust the number of breakpoints to optimize test case execution speed, thereby accelerating the overall time to discover program crash inputs. The development of Fuzz4Cuda has moved GPU library fuzzing ahead, aiming to improve the security of the GPU programming environment. Over a month-long real-world fuzzing campaign aimed at vulnerability discovery, our evaluation of the CUDA Toolkit uncovered five real-world bugs, four of which have been assigned Common Vulnerabilities and Exposures (CVE) IDs.

计算统一设备架构（CUDA）是NVIDIA的并行计算平台和图形处理单元编程模型，其编程安全性一直备受关注。在主机端，模糊测试在发现各种软件错误和漏洞方面非常成功，每年通过不同的模糊测试工具发现数百个缺陷。然而，现有的模糊测试工具通常在通用CPU架构和嵌入式系统上运行。作为一个独立的处理单元，GPU不支持像美国Fuzzy Lop这样的工具来收集仪表和代码覆盖信息。因此，闭源图形和驱动程序库的灰盒模糊测试仍然是一个未解决的挑战。本研究介绍了Fuzz4Cuda，专门为GPU库设计的专注于cuda的GPU模糊测试框架。为了增强设备端覆盖收集，Fuzz4Cuda通过对CUDA Streaming Assembler的运行时分析实现了这一点。此外，框架可以动态调整断点的数量以优化测试用例的执行速度，从而加快发现程序崩溃输入的总时间。Fuzz4Cuda的开发推动了GPU库模糊测试的发展，旨在提高GPU编程环境的安全性。在长达一个月的真实世界的模糊测试活动中，我们对CUDA工具包的评估发现了五个真实世界的漏洞，其中四个已被分配为常见漏洞和暴露（CVE） id。

{"title":"Fuzz4Cuda: Fuzzing your NVIDIA GPU libraries through debug interface","authors":"Yuhao Zhou, Peng Jia, Jiayong Liu, Ximing Fan","doi":"10.1016/j.cose.2025.104754","DOIUrl":"10.1016/j.cose.2025.104754","url":null,"abstract":"<div><div>The programming security of Compute Unified Device Architecture (CUDA), NVIDIA’s parallel computing platform and programming model for Graphics Processing Unit, has always been a significant concern. On the host-side, fuzzing has been remarkably successful at uncovering various software bugs and vulnerabilities, with hundreds of flaws discovered annually through different fuzzing tools. However, existing fuzzing tools typically operate on general-purpose CPU architectures and embedded systems. As an independent processing unit, the GPU does not support tools like American Fuzzy Lop for collecting instrumentation and code coverage information. Consequently, grey-box fuzzing for closed-source graphics and driver libraries has remained an unaddressed challenge. This research introduces Fuzz4Cuda, CUDA-focused GPU fuzzing framework specifically designed for GPU libraries. To enhance device-side coverage collection, Fuzz4Cuda achieved this by runtime analysis of CUDA Streaming Assembler. Furthermore, the framework could dynamically adjust the number of breakpoints to optimize test case execution speed, thereby accelerating the overall time to discover program crash inputs. The development of Fuzz4Cuda has moved GPU library fuzzing ahead, aiming to improve the security of the GPU programming environment. Over a month-long real-world fuzzing campaign aimed at vulnerability discovery, our evaluation of the CUDA Toolkit uncovered five real-world bugs, four of which have been assigned Common Vulnerabilities and Exposures (CVE) IDs.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104754"},"PeriodicalIF":5.4,"publicationDate":"2025-11-12","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145579995","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Design and generation of a dataset for training insider threat prevention and detection models: The SPEDIA dataset 设计和生成用于培训内部威胁预防和检测模型的数据集：SPEDIA数据集

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-11 DOI: 10.1016/j.cose.2025.104743

David Álvarez Muñiz, Luis Perez Miguel, Miguel, Alberto Mateo Muñoz, Xavier Larriva-Novo, Manuel Alvarez-Campana, Diego Rivera

The increasing complexity of insider threats poses a critical challenge for modern cybersecurity. Existing datasets used for training detection systems often lack realism, suffer from severe class imbalance, or are outdated. This paper presents a novel methodology for the generation of insider threat datasets through the integration of three data sources: (1) real user behavior collected during a controlled cyber exercise, (2) simulated user activity modeled on realistic work roles, and (3) synthetic data derived from the CERT Insider Threat Test dataset. The result is the SPEDIA dataset, designed to support the development and evaluation of machine learning models for detecting insider threats. The dataset includes detailed event-level logs of user activity, such as file manipulation, command execution, service usage, and network behavior, with annotations mapped to MITRE ATT&CK tactics and techniques. Unlike previous datasets, SPEDIA achieves a more balanced distribution of malicious and non-malicious events, enhancing its suitability for supervised learning. This work also provides a replicable framework for generating similar datasets, contributing to the advancement of insider threat detection research and the development of robust, real-world mitigation strategies.

日益复杂的内部威胁对现代网络安全构成了严峻挑战。用于训练检测系统的现有数据集通常缺乏真实感，遭受严重的类不平衡，或者过时。本文提出了一种通过整合三个数据源生成内部威胁数据集的新方法：(1)在受控网络演习中收集的真实用户行为，(2)以现实工作角色为模型的模拟用户活动，以及(3)来自CERT内部威胁测试数据集的合成数据。结果是SPEDIA数据集，旨在支持用于检测内部威胁的机器学习模型的开发和评估。该数据集包括用户活动的详细事件级日志，例如文件操作、命令执行、服务使用和网络行为，并带有映射到MITRE攻击和CK策略和技术的注释。与以前的数据集不同，SPEDIA实现了更平衡的恶意和非恶意事件分布，增强了其对监督学习的适用性。这项工作还为生成类似的数据集提供了一个可复制的框架，有助于推进内部威胁检测研究和制定强大的、现实世界的缓解战略。

{"title":"Design and generation of a dataset for training insider threat prevention and detection models: The SPEDIA dataset","authors":"David Álvarez Muñiz, Luis Perez Miguel, Miguel, Alberto Mateo Muñoz, Xavier Larriva-Novo, Manuel Alvarez-Campana, Diego Rivera","doi":"10.1016/j.cose.2025.104743","DOIUrl":"10.1016/j.cose.2025.104743","url":null,"abstract":"<div><div>The increasing complexity of insider threats poses a critical challenge for modern cybersecurity. Existing datasets used for training detection systems often lack realism, suffer from severe class imbalance, or are outdated. This paper presents a novel methodology for the generation of insider threat datasets through the integration of three data sources: (1) real user behavior collected during a controlled cyber exercise, (2) simulated user activity modeled on realistic work roles, and (3) synthetic data derived from the CERT Insider Threat Test dataset. The result is the SPEDIA dataset, designed to support the development and evaluation of machine learning models for detecting insider threats. The dataset includes detailed event-level logs of user activity, such as file manipulation, command execution, service usage, and network behavior, with annotations mapped to MITRE ATT&CK tactics and techniques. Unlike previous datasets, SPEDIA achieves a more balanced distribution of malicious and non-malicious events, enhancing its suitability for supervised learning. This work also provides a replicable framework for generating similar datasets, contributing to the advancement of insider threat detection research and the development of robust, real-world mitigation strategies.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104743"},"PeriodicalIF":5.4,"publicationDate":"2025-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145694094","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Towards a formal verification of secure vehicle software updates 迈向正式验证安全的车载软件更新

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-11 DOI: 10.1016/j.cose.2025.104751

Martin Slind Hagen , Emil Lundqvist , Alex Phu , Yenan Wang , Kim Strandberg , Elad Michael Schiller

With the rise of software-defined vehicles (SDVs), where software governs most vehicle functions alongside enhanced connectivity, the need for secure software updates has become increasingly critical. Software vulnerabilities can severely impact safety, the economy, and society. In response to this challenge, Strandberg et al. [escar Europe, 2021] introduced the Unified Software Update Framework (UniSUF), designed to provide a secure update framework that integrates seamlessly with existing vehicular infrastructures. Although UniSUF has previously been evaluated regarding cybersecurity, these assessments have not employed formal verification methods. To bridge this gap, we perform a formal security analysis of UniSUF. We model UniSUF’s architecture and assumptions to reflect real-world automotive systems and develop a ProVerif-based framework that formally verifies UniSUF’s compliance with essential security requirements — confidentiality, integrity, authenticity, freshness, order, and liveness —demonstrating their satisfiability through symbolic execution. Our results demonstrate that UniSUF adheres to the specified security guarantees, ensuring the correctness and reliability of its security framework.

随着软件定义车辆（sdv）的兴起，软件控制着大多数车辆功能以及增强的连接性，对安全软件更新的需求变得越来越重要。软件漏洞会严重影响安全、经济和社会。为了应对这一挑战，Strandberg等人[escar Europe， 2021]推出了统一软件更新框架（UniSUF），旨在提供与现有车辆基础设施无缝集成的安全更新框架。虽然联黎部队以前曾就网络安全问题进行评估，但这些评估并未采用正式的核查方法。为了弥补这一差距，我们对联苏部队进行了正式的安全分析。我们对UniSUF的架构和假设进行建模，以反映现实世界的汽车系统，并开发一个基于proverif的框架，正式验证UniSUF是否符合基本的安全要求——保密性、完整性、真实性、新鲜度、秩序和活力——并通过象征性执行展示其可满意度。我们的结果表明，联苏部队遵守了规定的安全保障，确保了其安全框架的正确性和可靠性。

{"title":"Towards a formal verification of secure vehicle software updates","authors":"Martin Slind Hagen , Emil Lundqvist , Alex Phu , Yenan Wang , Kim Strandberg , Elad Michael Schiller","doi":"10.1016/j.cose.2025.104751","DOIUrl":"10.1016/j.cose.2025.104751","url":null,"abstract":"<div><div>With the rise of software-defined vehicles (SDVs), where software governs most vehicle functions alongside enhanced connectivity, the need for secure software updates has become increasingly critical. Software vulnerabilities can severely impact safety, the economy, and society. In response to this challenge, Strandberg et al. [escar Europe, 2021] introduced the Unified Software Update Framework (UniSUF), designed to provide a secure update framework that integrates seamlessly with existing vehicular infrastructures. Although UniSUF has previously been evaluated regarding cybersecurity, these assessments have not employed formal verification methods. To bridge this gap, we perform a formal security analysis of UniSUF. We model UniSUF’s architecture and assumptions to reflect real-world automotive systems and develop a ProVerif-based framework that formally verifies UniSUF’s compliance with essential security requirements — confidentiality, integrity, authenticity, freshness, order, and liveness —demonstrating their satisfiability through symbolic execution. Our results demonstrate that UniSUF adheres to the specified security guarantees, ensuring the correctness and reliability of its security framework.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104751"},"PeriodicalIF":5.4,"publicationDate":"2025-11-11","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145694093","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

FedGNNLDP: Federated graph neural network with locally differential privacy FedGNNLDP：具有局部差分隐私的联邦图神经网络

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-10 DOI: 10.1016/j.cose.2025.104757

Yaqi Liu, Yue Zhang, Pinzhen He, Shuzhen Fang

In recent years, Graph Neural Networks (GNNs) have demonstrated remarkable performance due to their excellent graph-structure-based approach and have been widely applied in various industries. GNNs can access node features or link information as a result of their unique graph structure, enabling them to achieve more accurate machine learning model prediction. However, most graph-structure data varies across individual users or consumers in different industries, and it is inevitable that private data will be accessed during the GNN training process, which will cause serious leakage of private information. To address this problem, the author propose a privacy-preserving federal learning model for GNN with local differential privacy, named FedGNNLDP, which distributes a subgraph of a larger global graph to different clients for training to avoid the direct exchange of subgraph data. At the same time, the author apply the local differential privacy mechanism to the local client for GNN-subgraphs, thereby effectively avoiding the parameters being compromised by attacks during transmission. The author go on to demonstrate the solid experimental performance of our method compared to several baselines. Extensive experiments demonstrate that our model achieves a high accuracy rate even with privacy protection.

近年来，图神经网络（Graph Neural Networks, gnn）由于其基于图结构的优良方法而表现出显著的性能，并在各个行业得到了广泛的应用。由于其独特的图结构，gnn可以访问节点特征或链接信息，使其能够实现更准确的机器学习模型预测。然而，大多数图结构数据在不同行业的个人用户或消费者之间是不同的，在GNN训练过程中不可避免地会有私人数据被访问，这将造成严重的私人信息泄露。为了解决这一问题，作者提出了一种具有局部差分隐私的GNN保护隐私的联邦学习模型FedGNNLDP，该模型将一个较大的全局图的一个子图分发给不同的客户端进行训练，以避免子图数据的直接交换。同时，作者对gnn子图的本地客户端应用了本地差分隐私机制，从而有效避免了参数在传输过程中被攻击者泄露。作者继续证明了我们的方法与几个基线相比较的坚实的实验性能。大量的实验表明，即使在隐私保护的情况下，我们的模型也能达到很高的准确率。

{"title":"FedGNNLDP: Federated graph neural network with locally differential privacy","authors":"Yaqi Liu, Yue Zhang, Pinzhen He, Shuzhen Fang","doi":"10.1016/j.cose.2025.104757","DOIUrl":"10.1016/j.cose.2025.104757","url":null,"abstract":"<div><div>In recent years, Graph Neural Networks (GNNs) have demonstrated remarkable performance due to their excellent graph-structure-based approach and have been widely applied in various industries. GNNs can access node features or link information as a result of their unique graph structure, enabling them to achieve more accurate machine learning model prediction. However, most graph-structure data varies across individual users or consumers in different industries, and it is inevitable that private data will be accessed during the GNN training process, which will cause serious leakage of private information. To address this problem, the author propose a privacy-preserving federal learning model for GNN with local differential privacy, named <em>FedGNNLDP,</em> which distributes a subgraph of a larger global graph to different clients for training to avoid the direct exchange of subgraph data. At the same time, the author apply the local differential privacy mechanism to the local client for GNN-subgraphs, thereby effectively avoiding the parameters being compromised by attacks during transmission. The author go on to demonstrate the solid experimental performance of our method compared to several baselines. Extensive experiments demonstrate that our model achieves a high accuracy rate even with privacy protection.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104757"},"PeriodicalIF":5.4,"publicationDate":"2025-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145529098","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Secure authentication and traceability of physical objects 物理对象的安全认证和可追溯性

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-10 DOI: 10.1016/j.cose.2025.104745

Mónica P. Arenas, Gabriele Lenzini, Mohammadamin Rakeei, Peter Y.A. Ryan, Marjan Škrobot, Maria Zhekova

We study how to authenticate objects, a problem that is relevant to buyers who seek proof that a purchase is authentic. Typically, manufacturers watermark their goods or assign them IDs with a certificate of authenticity; then, buyers can check for the presence of the watermark or verify the authenticity of the certificate, matching it with the good’s ID. However, this solution falls short when manufacturers and buyers are geographically separated, such as in retail or online purchases. Since certificates can be forged and goods can be substituted with substandard clones, buyers should verify the authenticity of the goods directly. This suggests a process: honest manufacturers should provide goods with an ID and securely register it along with some unforgeable and unique data that can be (re)generated only from the original physical object. In turn, buyers can verify whether the data registered under that ID matches the data retrieved by the buyer for the good just acquired. Such enrollment and authentication processes are complex when realized as protocols because they must withstand attacks against both the physical object and the communication channel. We propose a cyber-physical solution that relies on two elements: (i) a material inseparably joined with an object from which cryptographically strong digital identities can be generated; (ii) two novel cryptographic protocols that ensure data integrity and secure authentication of agents and objects. We present a comprehensive threat model for the artifact authenticity service. We also implemented and optimized the image processing pipeline, which takes under two seconds per image set, representing a notable improvement over previous versions.

我们研究如何鉴定物品，这是一个与寻求证明购买是真实的买家相关的问题。通常情况下，制造商会在商品上加水印，或者用真品证书为其指定id；然后，买家可以检查水印是否存在，或者验证证书的真实性，将其与货物的ID进行匹配。然而，当制造商和买家在地理位置上分开时，例如在零售或在线购买中，这种解决方案就不够用了。由于证书可能被伪造，货物也可能被不合格的复制品所取代，买方应直接核实货物的真伪。这暗示了一个过程：诚实的制造商应该为商品提供一个ID，并安全地注册它，以及一些只能从原始物理对象生成（重新）的不可伪造的唯一数据。反过来，买方可以验证在该ID下注册的数据是否与买方为刚刚获得的商品检索到的数据相匹配。这种注册和身份验证过程在作为协议实现时非常复杂，因为它们必须承受针对物理对象和通信通道的攻击。我们提出了一种网络物理解决方案，它依赖于两个要素：(i)与可以生成加密强数字身份的对象不可分割地连接在一起的材料；（ii）两种新的加密协议，确保数据完整性和代理和对象的安全认证。提出了一种针对工件真实性服务的综合威胁模型。我们还实现并优化了图像处理管道，每个图像集只需不到两秒钟，与以前的版本相比有了显著的改进。

{"title":"Secure authentication and traceability of physical objects","authors":"Mónica P. Arenas, Gabriele Lenzini, Mohammadamin Rakeei, Peter Y.A. Ryan, Marjan Škrobot, Maria Zhekova","doi":"10.1016/j.cose.2025.104745","DOIUrl":"10.1016/j.cose.2025.104745","url":null,"abstract":"<div><div>We study how to authenticate objects, a problem that is relevant to buyers who seek proof that a purchase is authentic. Typically, manufacturers watermark their goods or assign them IDs with a certificate of authenticity; then, buyers can check for the presence of the watermark or verify the authenticity of the certificate, matching it with the good’s ID. However, this solution falls short when manufacturers and buyers are geographically separated, such as in retail or online purchases. Since certificates can be forged and goods can be substituted with substandard clones, buyers should verify the authenticity of the goods directly. This suggests a process: honest manufacturers should provide goods with an ID and securely register it along with some unforgeable and unique data that can be (re)generated only from the original physical object. In turn, buyers can verify whether the data registered under that ID matches the data retrieved by the buyer for the good just acquired. Such enrollment and authentication processes are complex when realized as protocols because they must withstand attacks against both the physical object and the communication channel. We propose a cyber-physical solution that relies on two elements: (i) a material inseparably joined with an object from which cryptographically strong digital identities can be generated; (ii) two novel cryptographic protocols that ensure data integrity and secure authentication of agents and objects. We present a comprehensive threat model for the artifact authenticity service. We also implemented and optimized the image processing pipeline, which takes under two seconds per image set, representing a notable improvement over previous versions.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104745"},"PeriodicalIF":5.4,"publicationDate":"2025-11-10","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145579996","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0

Obfuscation detection using matrix complexity features of binary grayscale images 基于矩阵复杂度特征的二值灰度图像混淆检测

IF 5.4 2区计算机科学 Q1 COMPUTER SCIENCE, INFORMATION SYSTEMS

Computers & Security

Pub Date : 2025-11-08 DOI: 10.1016/j.cose.2025.104746

Sebastian Raubitzek , Sebastian Schrittwieser , Caroline König , Patrick Felbauer , Kevin Mallinger , Andreas Ekelhart , Edgar Weippl

Malware that conceals its behaviour through code obfuscation remains a central challenge for automated detection. This work introduced a novel approach for detecting the presence of obfuscation and identifying specific techniques. We transform binary code into grayscale images by mapping its bytes to a pixel intensity and apply singular value decomposition (SVD) to extract 18 matrix-complexity metrics that reflect structural changes introduced by an obfuscation. Using this approach, we evaluate eight Tigress obfuscation techniques on whether they leave a distinct spectral signature that can be classified. To obtain statistically robust results, we employ an ensemble of 100 independently tuned ExtraTrees models trained on different stratified 80/20 splits. The ensemble achieves average accuracies of 0.99 for detecting obfuscation, 0.94 for obfuscation type attribution, and 0.93 for identifying specific techniques. Feature-importance rankings and per-metric distribution plots make the results interpretable and transferable. The contributions of this study are (i) a reproducible pipeline for classifying obfuscated binaries, (ii) a detailed analysis of how obfuscation alters binary structure and its image representation, and (iii) actionable insight into which SVD metrics are most indicative of each transformation.

通过代码混淆隐藏其行为的恶意软件仍然是自动检测的核心挑战。这项工作介绍了一种新的方法来检测混淆的存在和识别特定的技术。我们通过将二进制代码的字节映射到像素强度来将其转换为灰度图像，并应用奇异值分解（SVD）来提取18个矩阵复杂度指标，这些指标反映了由混淆引入的结构变化。使用这种方法，我们评估了八种虎妞混淆技术，看它们是否留下了可以分类的独特光谱特征。为了获得统计上稳健的结果，我们采用了100个独立调优的extratree模型的集合，这些模型在不同的分层80/20分割上训练。集成检测混淆的平均准确率为0.99，混淆类型归因的平均准确率为0.94，识别特定技术的平均准确率为0.93。特征重要性排序和每度量分布图使结果具有可解释性和可转移性。本研究的贡献是：(i)对混淆二进制进行分类的可重复管道，（ii）对混淆如何改变二进制结构及其图像表示的详细分析，以及（iii）对哪种SVD指标最能指示每种转换的可操作见解。

{"title":"Obfuscation detection using matrix complexity features of binary grayscale images","authors":"Sebastian Raubitzek , Sebastian Schrittwieser , Caroline König , Patrick Felbauer , Kevin Mallinger , Andreas Ekelhart , Edgar Weippl","doi":"10.1016/j.cose.2025.104746","DOIUrl":"10.1016/j.cose.2025.104746","url":null,"abstract":"<div><div>Malware that conceals its behaviour through code obfuscation remains a central challenge for automated detection. This work introduced a novel approach for detecting the presence of obfuscation and identifying specific techniques. We transform binary code into grayscale images by mapping its bytes to a pixel intensity and apply singular value decomposition (SVD) to extract 18 matrix-complexity metrics that reflect structural changes introduced by an obfuscation. Using this approach, we evaluate eight Tigress obfuscation techniques on whether they leave a distinct spectral signature that can be classified. To obtain statistically robust results, we employ an ensemble of 100 independently tuned ExtraTrees models trained on different stratified 80/20 splits. The ensemble achieves average accuracies of 0.99 for detecting obfuscation, 0.94 for obfuscation type attribution, and 0.93 for identifying specific techniques. Feature-importance rankings and per-metric distribution plots make the results interpretable and transferable. The contributions of this study are (i) a reproducible pipeline for classifying obfuscated binaries, (ii) a detailed analysis of how obfuscation alters binary structure and its image representation, and (iii) actionable insight into which SVD metrics are most indicative of each transformation.</div></div>","PeriodicalId":51004,"journal":{"name":"Computers & Security","volume":"161 ","pages":"Article 104746"},"PeriodicalIF":5.4,"publicationDate":"2025-11-08","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"145500195","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":2,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}

引用次数: 0