
Showing papers in "Computers & Security in 2018"


Journal ArticleDOI
TL;DR: This paper proposes an original decentralized system called bubbles of trust, which ensures a robust identification and authentication of devices, and protects the data integrity and availability in IoT.

479 citations


Journal ArticleDOI
TL;DR: This paper proposes a new attribute-based data sharing scheme suitable for resource-limited mobile users in cloud computing and is proven secure against adaptively chosen-ciphertext attacks, which is widely recognized as a standard security notion.

407 citations


Journal ArticleDOI
TL;DR: In this article, the authors proposed an Energy Efficient Dynamic Scheduling Hybrid MAC Protocol (EDS-MAC) for Traffic Adaptive Wireless Sensor Networks, which consists of two stages: (i) cluster formation, and (ii) data transmission.

280 citations


Journal ArticleDOI
TL;DR: It is shown in this paper why having a standardized representation of threat information can improve the quality of TTI, thus providing better automated analytics solutions on large volumes of TTI which are often non-uniform and redundant.

259 citations


Journal ArticleDOI
TL;DR: The privacy research community is suggested to agree on a shared definition of the different privacy constructs to allow for conclusions beyond individual samples and study designs, and provide strong evidence for the theoretical explanation approach called ‘privacy calculus’.

247 citations


Journal ArticleDOI
TL;DR: A holistic state-of-the-art review of the research on ransomware and its detection and prevention techniques is provided and a novel ransomware taxonomy is put forward, from several perspectives.

235 citations


Journal ArticleDOI
TL;DR: This paper finds that an ensemble of recurrent neural networks is able to predict whether an executable is malicious or benign within the first 5 seconds of execution with 94% accuracy, which enables cyber security endpoint protection to be advanced to use behavioural data for blocking malicious payloads rather than detecting them post-execution and having to repair the damage.

205 citations


Journal ArticleDOI
TL;DR: The proposed cybersecurity framework uses a Markov model, an Intrusion Detection System (IDS), and a Virtual Honeypot Device (VHD) to identify a malicious edge device in a fog computing environment, and results indicated that the proposed framework is successful in identifying the malicious device as well as reducing the false IDS alarm rate.

179 citations


Journal ArticleDOI
TL;DR: A malware classification algorithm which converts the disassembled malware codes into gray images based on SimHash and CNN and then identifies their families by convolutional neural network is proposed, which can meet the requirements in most of the practical applications.

170 citations


Journal ArticleDOI
TL;DR: In this article, the authors explore the feasibility of constructing crafted malware samples and examine how machine-learning classifiers can be misled under three different threat models, and conclude that injecting carefully crafted data into training data can significantly reduce detection accuracy.

157 citations


Journal ArticleDOI
TL;DR: A comprehensive review of existing datasets is first done, emphasizing their main shortcomings; then a new dataset is presented that is built with real traffic and up-to-date attacks and is useful for evaluating IDSs that consider long-term evolution and traffic periodicity.

Journal ArticleDOI
TL;DR: A comprehensive study that examines how risk-taking preferences, decision-making styles, demographics, and personality traits influence the security behavior intentions of device securement, password generation, proactive awareness, and updating and found that individual differences accounted for 5%–23% of the variance in cyber security behaviors.

Journal ArticleDOI
TL;DR: A new survey of Twitter spam detection techniques, intended for readers who do or do not have expertise in this area and for those who are looking for a deep understanding of this field in order to develop new methods.

Journal ArticleDOI
TL;DR: A novel intrusion detection system with genetic-algorithm-based feature selection and multiple support vector machine classifiers for wireless mesh networks is proposed, and it is demonstrated that the proposed system exhibits a high accuracy of attack detection and is suitable for intrusion detection in wireless mesh networks.

Journal ArticleDOI
TL;DR: A new method that considers safety and security together during industrial risk analysis is proposed, which combines bowtie analysis, commonly used for safety analysis, with a new extended version of attack tree analysis, introduced for security analysis of industrial control systems.

Journal ArticleDOI
TL;DR: This article uses machine activity metrics to automatically distinguish between malicious and trusted portable executable software samples and develops a novel classification method using Self Organizing Feature Maps to reduce over fitting during training through the ability to create unsupervised clusters of similar “behaviour” that are subsequently used as features for classification, rather than using the raw data.

Journal ArticleDOI
TL;DR: This paper aims at providing a comprehensive survey of open source publications related to APT actors and their activities, focusing on the APT activities, rather than research on defensive or detective measures.

Journal ArticleDOI
TL;DR: A novel approach intended not just to early detect ransomware but to completely thwart its action, which does not require previous training or knowledge and allows fighting against unknown, zero-day ransomware related attacks.

Journal ArticleDOI
TL;DR: This paper presents a lightweight framework to identify, collect, and analyze Bitcoin addresses managed by the same user or group of users (cybercriminals), which includes a novel approach for classifying a payment as ransom.

Journal ArticleDOI
TL;DR: A NIDS based on a feature selection method called Recursive Feature Addition (RFA) and bigram technique and a new evaluation metric called (combined) that combines accuracy, detection rate and false alarm rate in a way that helps in comparing different systems and selecting the best among them are proposed.

Journal ArticleDOI
TL;DR: The proposed approach utilizes an LSTM encoder-decoder algorithm for modeling flight routes by analyzing sequences of legitimate ADS-B messages and is able to detect all of the injected attacks with an average false alarm rate of 4.3%.

Journal ArticleDOI
TL;DR: This work uses a dynamic taint analysis technique to mark the system call parameters with taint tags, and proposes an algorithm to extract the common behavior graph, which is used to represent the behavioral features of a malware family.

Journal ArticleDOI
TL;DR: This paper has proposed an optimal approach to build an effective anomaly NIDS based on Back Propagation Neural Network (BPNN) using Backpropagation Learning Algorithm, and employed a novel architecture for that network.

Journal ArticleDOI
TL;DR: It is argued that while the term began its life in the study of politics, and only later gained usage within the domain of cybersecurity, these are applications of the same fundamental ideas: epistemic asymmetry, technocratic dominance, and teleological replacement.

Journal ArticleDOI
TL;DR: This work classifies applicable cyber threats according to a novel taxonomy, focusing not only on the attack vectors that can be used, but also the potential impact on the systems and ultimately on the occupants and their domestic life.

Journal ArticleDOI
TL;DR: This paper proposes a complete IDS in VANET using the combination of modified promiscuous mode for data collection and Support Vector Machine for data analysis to establish a shared trust value for every vehicle on the network as Trust Aware SVM-Based IDS (TSIDS).

Journal ArticleDOI
TL;DR: Results of the experimental evaluations showed that the proposed framework can successfully protect mHealth applications against a wide range of attacks with negligible overhead, so it is both effective and practical.

Journal ArticleDOI
TL;DR: This survey aims to gather all the publications proposing multi-step attack detection methods as mechanisms to reveal attack scenarios composed of digital traces left by attackers.

Journal ArticleDOI
TL;DR: It is indicated that an individual's personal orientation toward collectivism has an impact on psychological ownership and the intention not to perform secure behaviors and psychological ownership was shown to have a significant impact on the protection motivation constructs as well as on intention.

Journal ArticleDOI
TL;DR: The anomaly detection method has been successfully applied in detecting ICS cyber-attacks, which the widely used IDS Snort does not detect, using logs derived from industry standard ICS devices.