1 option
Risks and Security of Internet and Systems : 17th International Conference, CRiSIS 2022, Sousse, Tunisia, December 7-9, 2022, Revised Selected Papers / edited by Slim Kallel, Mohamed Jmaiel, Mohammad Zulkernine, Ahmed Hadj Kacem, Frédéric Cuppens, Nora Cuppens.
SpringerLink Books Lecture Notes In Computer Science (LNCS) (1997-2024) Available online
View online- Format:
- Book
- Author/Creator:
- Kallel, Slim.
- Series:
- Lecture Notes in Computer Science, 1611-3349 ; 13857
- Language:
- English
- Subjects (All):
- Data protection.
- Data and Information Security.
- Local Subjects:
- Data and Information Security.
- Physical Description:
- 1 online resource (268 pages)
- Edition:
- 1st ed. 2023.
- Place of Publication:
- Cham : Springer Nature Switzerland : Imprint: Springer, 2023.
- Summary:
- This book constitutes the proceedings of the 17th International Conference on Risks and Security of Internet and Systems, CRiSIS 2022, which took place in Sousse, Tunesia, during December 7-9, 2022. The 14full papers and 4 short papers included in this volume were carefully reviewed and selected from 39 submissions. The papers detail security issues in internet-related applications, networks and systems.
- Contents:
- Intro
- Preface
- Organization
- Contents
- Context Correlation for Automated Dynamic Android App Analysis to Improve Impact Rating of Privacy and Security Flaws
- 1 Introduction
- 2 Related Work
- 2.1 Contribution
- 3 Dynamic Analysis Environment
- 4 Context Correlation and Issue Generation
- 4.1 Privacy Sensitive Data Sources
- 4.2 Data Sinks
- 4.3 Graph Generation
- 4.4 Example Graph
- 4.5 Graph Analysis: Issue Creation
- 4.6 Issue Correlation Pass
- 5 Evaluation
- 5.1 Overview and Statistics
- 5.2 Deep Manual Issue Inspection
- 5.3 Damn Vulnerable App
- 6 Conclusion and Future Work
- References
- Errors in the CICIDS2017 Dataset and the Significant Differences in Detection Performances It Makes
- 2 Related Works
- 2.1 Datasets
- 2.2 Machine Learning Use on CICDS2017
- 2.3 Previous Criticism on CICIDS2017
- 3 Errors in the CICIDS2017 Dataset and the CICFlowMeter Tool, and Their Fixes
- 3.1 CICFlowMeter Issue with Misordered Packets
- 3.2 Incoherent Timestamps
- 3.3 Dealing with Data Duplication
- 3.4 Attack Omission: Labelling Issues and Correction
- 4 Assessment of the Consequences on Intrusion Detection Models Performances
- 4.1 Experimental Evaluation Protocol
- 4.2 Experiments Results
- 5 Conclusion
- A Comparative Study of Attribute Selection Algorithms on Intrusion Detection System in UAVs: A Case Study of UKM-IDS20 Dataset
- 2 Literature Review
- 3 Dataset and Methods
- 3.1 Dataset
- 3.2 Attribute Selection Algorithms
- 3.3 Creating MLP Model
- 4 Modeling
- 5 Performance Evaluation
- 5.1 Scenario 1: 15 Feature
- 5.2 Scenario 2: 20 Feature
- 6 Conclusion
- PRIAH: Private Alerts in Healthcare
- 2 Background
- 2.1 Smart Hospital Ecosystem
- 2.2 Privacy-preserving Strategies.
- 2.3 Alert Detection and Edge Computing Paradigm
- 2.4 Big Data and Streaming Processing
- 3 Related Work
- 3.1 Alert Identification and Dissemination
- 3.2 Privacy Preservation
- 3.3 Real-Time Processing of Alerts
- 4 PRIAH Approach
- 4.1 PRIAH Components at the Edge
- 4.2 PRIAH Components at the Server Side
- 4.3 System Administrator
- 4.4 End-Users
- 5 Implementation and Results
- 5.1 Implementation
- 5.2 Evaluation
- Tool Paper - SEMA: Symbolic Execution Toolchain for Malware Analysis
- 1 Context
- 2 The SEMA Toolset in a Nutshell
- 3 The Architecture of SEMA
- 4 SEMA in Action
- Blockchain Survey for Security and Privacy in the e-Health Ecosystem
- 2 Research Strategy
- 3 State of the Art
- 4 Background
- 4.1 Blockchain Technology Overview
- 4.2 e-Health Applications
- 5 Security and Privacy Requirements for e-Health Applications
- 6 Blockchain Platforms and Their Security Solutions
- 6.1 Hyperledger Fabric
- 6.2 Hyperledger Besu
- 6.3 Quorum
- 6.4 Corda R3
- 6.5 Cosmos
- 7 A Security Framework for Blockchain-Based e-Health Applications
- 7.1 When Blockchain Can be Used in e-Health Applications ?
- 7.2 Which Blockchain Solution to Use?
- 8 Conclusions and Future Work
- Towards a Dynamic Testing Approach for Checking the Correctness of Ethereum Smart Contracts
- 2 Background Materials
- 2.1 Blockchain
- 2.2 Smart Contracts
- 2.3 Common Vulnerabilities
- 2.4 Blockchain Testing Techniques
- 4 Proposed Approach
- 4.1 Modelling the Smart Contract and Its Blockchain Environment
- 4.2 Test Case Generation
- 4.3 Test Case Execution
- 4.4 Test Result Analysis and Test Report Generation
- 5 Illustration
- 5.1 Case Study Description
- 5.2 Modelling the E-voting System.
- 5.3 Test Case Generation
- 5.4 Test Tool Implementation
- Blockchain Olive Oil Supply Chain
- 3 Proposed Approach
- 4 Obtained Results
- 4.1 Implemented Blockchain on Raspberry Pi
- 4.2 Web Application
- Impact of EIP-1559 on Transactions in the Ethereum Blockchain and Its Rollups
- 2.1 Layers 1 and 2 in Ethereum
- 2.2 Eip-1559
- 3 Testing Approach
- 3.1 Smart Contract
- 3.2 Interaction with the Smart Contract
- 4 Experimentation
- 4.1 Testing Results
- 4.2 Discussion
- Towards a Secure Cross-Blockchain Smart Contract Architecture
- 2 Background and Related Work
- 3 Bifröst Extension Proposal
- 3.1 Smart Contracts Invocation
- 3.2 Fault Tolerance
- 3.3 Security
- 4 Discussion and Challenges
- 5 Conclusion and Future Work
- Security Analysis: From Model to System Analysis
- 2.1 Previous MBSE Approach
- 2.2 Property Specification Patterns
- 2.3 OBP Model Checker
- 3 Motivating Example
- 3.1 System Presentation
- 3.2 General Approach
- 4 Detailed Approach
- 4.1 Environment Modeling
- 4.2 System State and Behavior
- 4.3 The OBP Model Checker
- 5 Security Property Modelling
- 5.1 Raising Abstraction Level of Formal Security Properties
- 5.2 From Attacker Interests to Formal Security Properties
- 6 Property Verification Results Analysis
- 6.1 Model Checking Embedded System Code
- 6.2 Security Property Verification
- 7 Related Works
- 8 Conclusion
- Modeling Train Systems: From High-Level Architecture Graphical Models to Formal Specifications
- 2.1 Model-Driven Engineering
- 2.2 SysML
- 2.3 Event-B
- 2.4 ATO over ERTMS Case Study Excerpt.
- 3 Related Work
- 4 The Proposed Approach
- 4.1 High-level Architecture Graphical Modeling
- 4.2 Model Transformation and Event-B Generation
- 4.3 Formal Verification
- How IT Infrastructures Break: Better Modeling for Better Risk Management
- 2.1 Risk Analysis
- 2.2 Infrastructure Modeling
- 3 Guided Risk Management for IT Infrastructures
- 3.1 Side-Effect Analysis
- 3.2 Part Analysis
- 3.3 Assembly Analysis
- 4 Case Study: A Cloud Infrastructure
- 4.1 Requirements
- 4.2 Infrastructure Model
- 4.3 Constraints
- 4.4 Risk
- 4.5 Lessons Learned
- IoT Security Within Small and Medium-Sized Manufacturing Companies
- 2 Research Methodology
- 3 Data and Findings
- 3.1 Screening
- 3.2 Experience
- 3.3 Awareness
- 3.4 Activities
- 3.5 Knowledge
- 4 Conclusion and Further Research
- An Incentive Mechanism for Managing Obligation Delegation
- 2.1 The Beta Distribution
- 2.2 Defining Obligations
- 3 An Incentive Scheme for One Hop Delegation
- 3.1 Obligation Trust
- 3.2 Delegating Obligations
- 4 Incentivising Schemes
- 4.1 Updating Obligation Trust
- 4.2 Earning Reward Credits
- 4.3 Eligibility of Delegatees
- 5 Cascaded Delegation of Obligations
- 6 Evaluation
- 6.1 Experimental Setup
- 6.2 Results
- 7 Related Work
- 8 Concluding Remarks
- Virtual Private Network Blockchain-based Dynamic Access Control Solution for Inter-organisational Large Scale IoT Networks
- 2.2 Virtual Private Networks (VPN)
- 3.1 Basic Access Control Model in IoTs
- 3.2 Inter-organisational Access Control Solution Overview
- 4 VPNBDAC for Large Scale IoT Network
- 4.1 Actors.
- 4.2 Smart Contract and Transactions
- 5 Implementation of the Prototype
- 6 Performance Evaluation
- 7 Conclusions
- Pseudonym Swapping with Secure Accumulators and Double Diffie-Hellman Rounds in Cooperative Intelligent Transport Systems
- 1.1 Pseudonyms in Cooperative Intelligent Transport Systems
- 1.2 Problem Statement
- 1.3 Contribution
- 3 Preliminaries
- 4 System Model and Architecture
- 4.1 C-ITS Trust Model and Architecture
- 4.2 Threat Model
- 4.3 Pseudonym Swapping System Model
- 5 Pseudonym Swapping with Accumulator-Based Storage
- 5.1 Proposed Alignment to ETSI Standard
- 5.2 Proposed Security Architecture
- 5.3 Protocol Definition and Algorithms
- 6 Security Analysis
- 7 Proof of Concept Implementation
- Benchmark Performance of the Multivariate Polynomial Public Key Encapsulation Mechanism
- 3 Summary of MPPK KEM
- 3.1 Key Generation
- 3.2 Encryption
- 3.3 Decryption
- 4 Benchmarking MPPK
- 4.1 NIST Level I
- 4.2 NIST Level III
- 4.3 NIST Level V
- Author Index.
- Notes:
- Description based on publisher supplied metadata and other sources.
- Other Format:
- Print version: Kallel, Slim Risks and Security of Internet and Systems
- ISBN:
- 9783031311086
- OCLC:
- 1379235569
The Penn Libraries is committed to describing library materials using current, accurate, and responsible language. If you discover outdated or inaccurate language, please fill out this feedback form to report it and suggest alternative language.