Pub Date : 2023-01-01DOI: 10.5220/0012086400003555
Vincent Raulin, Pierre-François Gimenez, Yufei Han, Valérie Viet Triem Tong
: Malware analysis consists of studying a sample of suspicious code to understand it and producing a representation or explanation of this code that can be used by a human expert or a clustering/classification/detection tool. The analysis can be static (only the code is studied) or dynamic (only the interaction between the code and its host during one or more executions is studied). The quality of the interpretation of a code and its later detection depends on the quality of the information contained in this representation. To date, many analyses produce voluminous reports that are difficult to handle quickly. In this article, we present BAGUETTE, a graph-based representation of the interactions of a sample and the resources offered by the host system during one execution. We explain how BAGUETTE helps automatically search for specific behaviors in a malware database and how it efficiently assists the expert in analyzing samples.
{"title":"BAGUETTE: Hunting for Evidence of Malicious Behavior in Dynamic Analysis Reports","authors":"Vincent Raulin, Pierre-François Gimenez, Yufei Han, Valérie Viet Triem Tong","doi":"10.5220/0012086400003555","DOIUrl":"https://doi.org/10.5220/0012086400003555","url":null,"abstract":": Malware analysis consists of studying a sample of suspicious code to understand it and producing a representation or explanation of this code that can be used by a human expert or a clustering/classification/detection tool. The analysis can be static (only the code is studied) or dynamic (only the interaction between the code and its host during one or more executions is studied). The quality of the interpretation of a code and its later detection depends on the quality of the information contained in this representation. To date, many analyses produce voluminous reports that are difficult to handle quickly. In this article, we present BAGUETTE, a graph-based representation of the interactions of a sample and the resources offered by the host system during one execution. We explain how BAGUETTE helps automatically search for specific behaviors in a malware database and how it efficiently assists the expert in analyzing samples.","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"34 1","pages":"417-424"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73084511","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012140200003555
Mark Dockendorf, R. Dantu
{"title":"Privacy-Preserving Algorithms for Data Cooperatives with Directed Graphs","authors":"Mark Dockendorf, R. Dantu","doi":"10.5220/0012140200003555","DOIUrl":"https://doi.org/10.5220/0012140200003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"6 1","pages":"876-884"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"83044324","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012127100003555
Catalin V. Bîrjoveanu, Mirela Bîrjoveanu
{"title":"Secure E-Commerce Protocol with Complex Trading Capabilities of Intermediaries","authors":"Catalin V. Bîrjoveanu, Mirela Bîrjoveanu","doi":"10.5220/0012127100003555","DOIUrl":"https://doi.org/10.5220/0012127100003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"71 1","pages":"495-502"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"86126296","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012077900003555
Sehrish Shafeeq, Mathias Fischer
{"title":"SEBDA: A Secure and Efficient Blockchain Based Data Aggregation Scheme","authors":"Sehrish Shafeeq, Mathias Fischer","doi":"10.5220/0012077900003555","DOIUrl":"https://doi.org/10.5220/0012077900003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"13 1","pages":"369-376"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"87039596","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012046000003555
A. Nygård, S. Katsikas
: Cyber-attacks on digital supply chains are rising, and Critical Infrastructures (CIs) such as the Smart Grid are prime targets. There is increasing evidence that vendors, service providers, and outsourced IT -providers are at equal risk of being used by malicious actors to gain a foothold in the power grid - delivering exploits that can disrupt electric power delivery and severely damage our economy. Long digital supply chains with components from different manufacturers require a new approach and methods to ensure the needed security in Critical Infrastructures. Hardware Reverse Engineering (HRE), commonly used for verifying the security of an embedded system, includes disassembling to analyse, test, and document the functionality and vulnerability of the target system. This paper proposes leveraging HRE for improving both the security and the resilience of the power infrastructure against cyber-attacks enabled through the digital supply chain, by organising HRE activities, and how this can be organized within the equipment procurement process in a Distribution System Operator (DSO).
{"title":"Leveraging Hardware Reverse Engineering to Improve the Cyber Security and Resilience of the Smart Grid","authors":"A. Nygård, S. Katsikas","doi":"10.5220/0012046000003555","DOIUrl":"https://doi.org/10.5220/0012046000003555","url":null,"abstract":": Cyber-attacks on digital supply chains are rising, and Critical Infrastructures (CIs) such as the Smart Grid are prime targets. There is increasing evidence that vendors, service providers, and outsourced IT -providers are at equal risk of being used by malicious actors to gain a foothold in the power grid - delivering exploits that can disrupt electric power delivery and severely damage our economy. Long digital supply chains with components from different manufacturers require a new approach and methods to ensure the needed security in Critical Infrastructures. Hardware Reverse Engineering (HRE), commonly used for verifying the security of an embedded system, includes disassembling to analyse, test, and document the functionality and vulnerability of the target system. This paper proposes leveraging HRE for improving both the security and the resilience of the power infrastructure against cyber-attacks enabled through the digital supply chain, by organising HRE activities, and how this can be organized within the equipment procurement process in a Distribution System Operator (DSO).","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"21 1","pages":"610-616"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"80317241","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012060900003555
Mofareh Waqdan, Habib Louafi, Malek Mouhoub
{"title":"A Comprehensive Risk Assessment Framework for IoT-Enabled Healthcare Environment","authors":"Mofareh Waqdan, Habib Louafi, Malek Mouhoub","doi":"10.5220/0012060900003555","DOIUrl":"https://doi.org/10.5220/0012060900003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"39 1","pages":"667-672"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"88436908","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012053400003555
Sonakshi Garg, V. Torra
{"title":"K-Anonymous Privacy Preserving Manifold Learning","authors":"Sonakshi Garg, V. Torra","doi":"10.5220/0012053400003555","DOIUrl":"https://doi.org/10.5220/0012053400003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"55 1","pages":"37-48"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"73546232","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012082700003555
Laltu Sardar, Subhra Mazumdar
{"title":"Fidelis: Verifiable Keyword Search with No Trust Assumption","authors":"Laltu Sardar, Subhra Mazumdar","doi":"10.5220/0012082700003555","DOIUrl":"https://doi.org/10.5220/0012082700003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"129 1","pages":"698-703"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"77357818","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
Pub Date : 2023-01-01DOI: 10.5220/0012145800003555
R. Shyamasundar
{"title":"ERC20: Correctness via Linearizability and Interference Freedom of the Underlying Smart Contract","authors":"R. Shyamasundar","doi":"10.5220/0012145800003555","DOIUrl":"https://doi.org/10.5220/0012145800003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"104 1","pages":"557-566"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"81663471","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
{"title":"Lightweight FHE-based Protocols Achieving Results Consistency for Data Encrypted Under Different Keys","authors":"Marina Checri, Jean-Paul Bultel, Renaud Sirdey, Aymen Boudguiga","doi":"10.5220/0012085200003555","DOIUrl":"https://doi.org/10.5220/0012085200003555","url":null,"abstract":"","PeriodicalId":74779,"journal":{"name":"SECRYPT ... : proceedings of the International Conference on Security and Cryptography. International Conference on Security and Cryptography","volume":"58 3 1","pages":"704-709"},"PeriodicalIF":0.0,"publicationDate":"2023-01-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"91292494","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
京公网安备 11010802042870号
京ICP备2023020795号-1
扫码关注我们
求助内容:
应助结果提醒方式: