An interface diversified honeypot for malware analysis

Defending information systems against advanced attacks is a challenging task; even if all the systems have been properly updated and all the known vulnerabilities have been patched, there is still the possibility of previously unknown zero day attack compromising the system. Honeypots offer a more proactive tool for detecting possible attacks. What is more, they…

Obfuscation and Diversification for Securing Cloud Computing

The evolution of cloud computing and advancement of its services has motivated the organizations and enterprises to move towards the cloud, in order to provide their services to their customers, with greater ease and higher efficiency. Utilizing the cloud-based services, on one hand has brought along numerous compelling benefits and, on the other hand, has…

Software Security Considerations for IoT

Internet of Things (IoT) is a swiftly growing technology and business domain that is expected to revolutionize the modern trade. Nonetheless, shortcomings in security are common in this new domain and security issues are the Achilles’ heel of the new technology. In this study, we analyze different security solutions for IoT devices and propose suitable…

A Proxy-Based Solution for Asynchronous Telemedical Systems

Asynchronous telemedicine systems face many challenges related to information security as the patient’s sensitive information and data on medicine dosage is transmitted over a network when monitoring patients and controlling asynchronous telemedical IoT devices. This information may be modified or spied on by a malicious adversary. To make asynchronous telemedicine systems more secure, the authors…

Case Study of Agile Security Engineering: Building Identity Management for a Government Agency

Security concerns are increasingly guiding both the design and processes of software-intensive product development. In certain environments, the development of the product requires special security arrangements for development processes, product release, maintenance and hosting, and specific security-oriented processes and governance. Integrating the security engineering processes into agile development methods can have the effect of mitigating…

Introducing Trust into the Digabi Platform

The use of students’ personal devices makes properly securing electronic matriculation examination a particularly difficult challenge. How to make sure that the examinees do not have access to unauthorized materials, when they have unlimited physical access to the hardware? In this proposal, we provide an overview on how trusted computing based techniques could be…

Security in container-based virtualization through vTPM

Cloud computing is a wide-spread technology that enables the enterprises to provide services to their customers with a lower cost, higher performance, better availability and scalability. However, privacy and security in cloud computing has always been a major challenge to service providers and a concern to its users. Trusted computing has led its way in…

Modeling the delivery of security advisories and CVEs

This empirical paper models three structural factors that are hypothesized to affect the turnaround times between the publication of security advisories and Common Vulnerabilities and Exposures (CVEs). The three structural factors are: (i) software product age at the time of advisory release; (ii) severity of vulnerabilities coordinated; and (iii) amounts of CVEs referenced in advisories….

Malware distributions and graph structure of the Web

Knowledge about the graph structure of the Web is important for understanding this complex socio-technical system and for devising proper policies supporting its future development. Knowledge about the differences between clean and malicious parts of the Web is important for understanding potential threats to its users and for devising protection mechanisms. In this study, we…

Programming Model Perspective on Security and Privacy of Social Cyber-Physical Systems

Both number and diversity of computer-enabled physical objects in our surroundings is rapidly increasing. Such objects offer connectivity and are programmable, which forms basis for new kinds of cyber-physical computing environments. This has inspired us to propose a programming model called Action-Oriented Programming (AcOP), where focus is at simplifying the creation of applications that build…

Towards Self-aware Approach for Mobile Devices Security

We present conceptual design of self-aware security for mobile devices. The design is envisioned to bring self-awareness into the mobile devices security for optimal protection by regulating application activities. The proposed design contains three subsystems: meta-level enables self-awareness, extended meta-level extends protections to the base-level components through security mechanisms and base-level comprises of resources that are…

SMS and one-time-password interception in LTE networks

The Interconnection network connects the communication networks themselves to each other enabling features such as roaming and data services between those said networks. It has been known since 2014 that using the legacy SS7 (Signaling System No. 7) protocol SMS based traffic can be intercepted. Network providers are now moving towards diameter based LTE networks…

Providing for Privacy in a Network Infrastructure Protection Context

Machine Learning and Big Data Analysis are seen as the silver bullet to detect and counteract attacks on critical communication infrastructure. Every message is analysed and is to some degree under suspicion. The principle of innocent until proven guilty does not seem to apply to modern communication usage. On the other hand, criminals would gain…

Self-aware Access Control System for Android

We present the conceptual system design of self-aware access control system that enhance the security of Android platform. The objective of the self-awareness is to achieve optimal security through learning of application behaviors and then optimizing the access control policies accordingly. The self-configure, learn and optimize components of the self-aware agent are responsible for the…

Exploring the clustering of software vulnerability disclosure notifications across software vendors

This exploratory empirical paper investigates annual time delays between vulnerability disclosure notifications and acknowledgments by means of network analysis. These delays are approached through a potential clustering effect of vulnerabilities across software vendors. The analysis is based on a projection from bipartite vendor-vulnerability structures to one-mode vendor-vendor networks, while the hypothesized clustering effect is approached…

Tightroping between APT and BCI in small enterprises

The contemporary internet provisions increasingly sophisticated security attacks. Besides underlining the advanced nature of these attacks, the concept of an advanced persistent threat (APT) catalyzes the important perspective of longitudinal persistence; attacks are not only carefully planned and targeted but the subsequent exploitation period covers long periods of time. If an APT successfully realizes into…

Busting a Myth: Review of Agile Security Engineering Methods

Engineering methods are essential in software development, and form a crucial element in the design and implementation of software security. Security engineering processes and activities have a long and well-standardized history of integration with software development methods. The inception of iterative and incremental software development methods raised suspicions of an inherent incompatibility between the traditional…

EyeCloud: A BotCloud Detection System

Leveraging cloud services, companies and organizations can significantly improve their efficiency, as well as building novel business opportunities. A significant research effort has been put in protecting cloud tenants against external attacks. However, attacks that are originated from elastic, on-demand and legitimate cloud resources should still be considered seriously. The cloud-based botnet or botcloud is…

Applying Internal Interface Diversification to IoT Operating Systems

Internet of Things (IoT) currently covers billions of devices with identical internal software interfaces. This software monoculture exposes the systems to the same security vulnerabilities. Internal interface diversification, by introducing diverse and unique interfaces on each device, is a solution for this problem. In this paper, we discuss interface diversification in the context of IoT…

Battlefield Digital Forensics: Digital Intelligence and Evidence Collection in Special Operations

Troops in contact in the battlefield are very likely to be exposed to the enemy’s digital information. Digital media collection by Special Operation Forces (SOF) might provide the critical information needed to penetrate the enemy’s decision matrix and support legal actions against insurgents. Following up on Dr William G Perry’s ideas for ‘Assuring Digital Intelligence Collection’,…

Defending mobile devices for high level officials and decision-makers

Smartphones are an inevitable presence in everyday life. High-level officials and decision-makers use mobile devices to handle and store sensitive information that should be protected as well as possible. However, those mobile devices are fundamentally unsecurable – it is impossible to have absolutely secure systems, even if users follow security policies. In addition to possibly…

Counterfeiting and Defending the Digital Forensic Process

During the last years, criminals have become aware of how digital evidences that lead them to courts and jail are collected and analyzed. Hence, they have started to develop antiforensic techniques to evade, hamper, or nullify their evidences. Nowadays, these techniques are broadly used by criminals, causing the forensic analysis to be in a state…

Evaluation of user authentication methods in the gadget-free world

In an ideal gadget-free environment the user is interacting with the environment and the services through only “natural” means. This imposes restrictions on many aspects of the interaction. One key element in this is user authentication, because it assures the environment and related services of the legitimacy of user’s actions and empowers the user to…

Detection of Fake Profiles in Social Media – Literature Review

False identities play an important role in advanced persisted threats and are also involved in other malicious activities. The present article focuses on the literature review of the state-of-the-art research aimed at detecting fake profiles in social media. The approaches to detecting fake social media accounts can be classified into the approaches aimed on analysing…

Revealing Fake Profiles in Social Networks by Longitudinal Data Analysis

The goal of the current research is to detect fake identities among newly registered users of vk.com. Ego networks in vk.com for about 200.000 most recently registered profiles were gathered and analyzed longitudinally. The reason is that a certain percentage of new user accounts are faked, and the faked accounts and normal accounts have different…

An outlook on the institutional evolution of the European Union cyber security apparatus

This paper observes the evolution of cyber security institutions recently established in the European Union. These institutions are based on older national, regional, and international Internet governance networks for voluntary transnational coordination of cyber security. The entry of the European Union in the cyber security domain caused a visible institutional change in the operational and…

Electronic Citizen Identities and Strong Authentication

Both public and commercial services in most countries depend on government-issued identity documents for citizen authentication. Traditionally such documents have been fairly uniform around the world, i.e. identity cards and passports. The dawn of strong electronic authentication, however, has created a much more diverse situation. New technologies such as tamper-proof microchips and cryptographic authentication are…

A Survey on Anti-honeypot and Anti-introspection Methods

Modern virtual machines, debuggers, and sandboxing solutions lend themselves towards more and more inconspicuous ways to run honeypots, and to observe and analyze malware and other malicious activity. This analysis yields valuable data for threat-assessment, malware identification and prevention. However, the use of such introspection methods has caused malware authors to create malicious programs with…

Security in Container-Based Virtualization through vTPM

Cloud computing is a wide-spread technology that enables the enterprises to provide services to their customers with a lower cost, higher performance, better availability and scalability. However, privacy and security in cloud computing has always been a major challenge to service providers and a concern to its users. Trusted computing has led its way in…

Security Risk Visualization with Semantic Risk Model

Understanding and analysing security risks is an essential task when designing and maintaining a systems’ security. The first risk analysis should be performed during the system design. Identified risks have to be updated during the lifecycle when security controls are implemented or new threats appear. Visualization facilitates the risk analysis process, but visualizing the huge…

We Know Where You Are! – Utilising Telecom Core Network for User Tracking

Mobile network technologies require some degree of tracking of user location, specifically user equipment tracking, as part of their fundamental mechanism of working. Without this basic function, features such as hand-over between cells would not work. Since mobile devices are typically associated with a single person, this provides a potential mechanism for user location surveillance….

Deploying Software-Defined Networks: a Telco Perspective

Software-Defined Networking (SDN) proposes a new network architecture in which the control plane and forwarding plane are decoupled. SDN can improve network efficiency and ease of management through the centralization of the control and policy decisions. However, SDN deployments are currently limited to data-center and experimental environments. This thesis surveys the deployment of SDN from…

Honeypot utilization for analyzing cyber attacks

Honeypot systems are an effective method for defending production systems from security breaches and to gain detailed information about attackers’ motivation, tactics, software and infrastructure. In this paper we present how different types of honeypots can be employed to gain valuable information about attacks and attackers, and also outline new and innovative possibilities for future…

Improving the Sphinx Mix Network

Secure mix networks consider the presence of multiple nodes that relay encrypted messages from one node to another in such a way that anonymous communication can be achieved. We consider the Sphinx mix formatting protocol by Danezis and Goldberg (IEEE Security and Privacy 2009), and analyze its use of symmetric-key cryptographic primitives. We scrutinize the…

Interface diversification in IoT operating systems

With the advancement of Internet of Things (IoT) more and more “things” are connected to each other through the Internet. Due to the fact that the collected information may contain personal information of the users, it is very important to ensure the security of the devices in IoT. Diversification is a promising technique that protects…

I accidentally malware – what should I do… is this dangerous? Overcoming inevitable risks of electronic communication

The aim of this study is to find mitigation techniques for a number of risks resulting from the usage of systems that will eventually become infected. The key results of this study are a set of threat descriptions related to various attack phases, existing mitigation mechanisms, proposed improvements for existing mitigation mechanisms, and novel mitigations….

Security Testing SDN Controllers

Software-defined networking is a new paradigm that separates the network’s control plane from the data plane. Many SDN controllers have been implemented since this concept was first introduced. As with other network models, security becomes an important requirement because adversaries can launch various attacks to steal sensitive data, manipulate network’s state or cause denial…

A Post-Mortem Empirical Investigation of the Popularity and Distribution of Malware Files in the Contemporary Web-Facing Internet

This empirical paper investigates a snapshot of about two million files from a continuously updated big data collection maintained by F-Secure for security intelligence purposes. By further augmenting the snapshot with open data covering about a half of a million files, the paper examines two questions: (a) what is the shape of a probability distribution…

Integrating Security Consideration Into a Safety Case Construction

Wide-spread reliance on networking in modern safety-critical control systems makes security increasingly interwoven with safety. Hence, we need novel methodologies integrating security consideration into the process of system development and safety case construction. Safety case is a structured argument justifying system safety. In this paper, we propose an approach that relies on the systems-theoretic analysis…

From Requirements Engineering to Safety Assurance: Refinement Approach

Formal modelling and verification are widely used in the development of safety-critical systems. They aim at providing a mathematically-grounded argument about system safety. In particular, this argument can facilitate construction of a safety case – a structured safety assurance document required for certification of safety-critical systems. However, currently there is no adequate support for using…

Implementation Experiences and Design Challenges for Resilient SDN Based Secure WAN Overlays

Mobile computing devices, industrial control systems, and service provider clouds need to be connected to each other over wide area networks. However, reliability, quality of services and confidentiality are challenging in such setups. Moreover, isolated appliances and physical equipment face harsh environment conditions. While application specific gateways can be more secure alternative, their time to market is typically high, and things…

“Make Sure DSA Signing Exponentiations Really are Constant-Time”

TLS and SSH are two of the most commonly used protocols for securing Internet traffic. Many of the implementations of these protocols rely on the cryptographic primitives provided in the OpenSSL library. In this work we disclose a vulnerability in OpenSSL, affecting all versions and forks (e.g. LibreSSL and BoringSSL) since roughly October 2005, which…

OSLC-based Support for Integrated Development of Dependable Systems

Engineering of dependable systems is an inherently heterogenous field and involves the use of a wide range of techniques to analyse different aspects of the system behaviour and properties. Various standards typically prescribe a set of techniques to be used and a development process that should be followed to achieve a high degree of dependability…

Risk-driven security metrics development for an e-health IoT application

Security and privacy for e-health Internet-of-Things applications is a challenge arising due to the novelty and openness of the solutions. We analyze the security risks of an envisioned e-health application for elderly persons’ day-to-day support and chronic disease self-care, from the perspectives of the service provider and end-user. In addition, we propose initial heuristics for…

Recipient Privacy in Online Social Networks

Alongside the intensive growth of Online Social Networks (OSNs), privacy has become an important concept and requirement when sharing content online, leading users to enforce privacy often using encryption when sharing content with multiple recipients. Although cryptographic systems achieve common privacy goals such as confidentiality, key privacy, and recipient privacy, they have not been designed…

Steps Towards Fuzz Testing in Agile Test Automation

Including and automating secure software development activities into agile development processes is challenging. Fuzz testing is a practical method for finding vulnerabilities in software, but has some characteristics that do not directly map to existing processes. The main challenge is that fuzzing needs to continue to show value while requiring minimal effort. The authors present…

Towards security metrics-supported IP traceback

The threat of DDOS and other cyberattacks has increased during the last decade. In addition to the radical increase in the number of attacks, they are also becoming more sophisticated with the targets ranging from ordinary users to service providers and even critical infrastructure. According to some resources, the sophistication of attacks is increasing faster…

A Tool for Security Measuring and Probe Management

Designing and maintaining correct security countermeasures to support trustworthiness require comprehensive understanding of current security posture, i.e., Situational Awareness (SA). Security SA means that a decision maker is aware of protected assets, existing vulnerabilities, and risk mitigation techniques. Applying security metrics offers a holistic way to gain Situational Awareness. However, it is a challenge to…

A Study on the State of Practice in Security Situational Awareness

We present the results of an interview study on the state of practice for Situational Awareness (SA) in the cybersecurity industry. Representatives from four global companies providing cybersecurity monitoring and analysis services and products were interviewed to get a view into the current state of practice in SA. The interviews were performed as a form…

Secure, Usable and Privacy-Friendly User Authentication from Keystroke Dynamics

User authentication is a key technology in human machine interaction. The need to establish the legitimacy of transactions and possibly the actors behind them is crucial for trustworthy operation of services over the internet. A good authentication method offers security, usability and privacy protections for users and the service providers. However, achieving all three properties…

Enhanced Security for Mobile User Authentication and Single Sign-On

Single Sign-on (SSO) systems simplify user authentication for the many online services that we need to access every day. Solutions exist for both intra-organizational use and for the open web. While SSO systems meet their main goal of reducing the number of passwords that a user needs to memorize, many other aspects can still be…

The Use of Usable Security and Security Education to Fight Phishing Attacks

Social engineering and other phishing techniques predominantly exploit human vulnerabilities. People who lack the proper awareness, knowledge and skills in information security become easy prey for phishers and other cybercriminals. Equally dangerous is the poor usability of security-critical information systems and anti-phishing software, which impedes user performance and also drives users to be negligent about…

Secure and Low-Power Authentication for Resource-Constrained Devices

The Internet of Things (IoT) refers to an interconnected world where physical devices seamlessly integrate into a global network and become active participants of business, information, and social processes. These physical devices are referred to as smart objects since they understand and react to the environment they reside in. However, deploying such Internet-connected smart objects…

Formalisation-Driven Development of Safety-Critical Systems

The use of formal modelling and verification is recommended by several standards in the development of highly critical systems. However, the standards do not prescribe a process that enables a seamless integration of formalisation activities into the development process. In this paper, we propose a model and an automated tool support for an iterative formalisation-driven…

Usability and Security in Password Managers: A Quest for User-Centric Properties and Features

The main purposes of a Password Manager (PM) are to handle and securely store the users’ passwords from different services and simplify the login process. A PM should relieve the users from the tedious task of constantly remembering and frequently recalling their login credentials. Quite often though, due to the PM’s poor usability and because of limited user-experience, users encounter difficulties to perform even basic actions such as safe login…

The Formal Derivation of Mode Logic for Autonomous Satellite Flight Formation

Satellite formation flying is an example of an autonomous distributed system that relies on complex coordinated mode transitions to accomplish its mission. While the technology promises significant economical and scientific benefits, it also poses a major verification challenge since testing the system on the ground is impossible. In this paper, we experiment with formal modelling…

Future micro operators’ business models in 5G

This paper focuses on creating an approach and discussing the co-opetitive business models of Micro Operators (μO) in the indoors/small cell 5G environment. We define the μO as an entity that combines connectivity with specific content services in spatially confined domains and is dependent on appropriate spectrum resources. We review the literature of 5G business…

On the Design of a Simple Network Resolver for DNS Mining

The domain name system (DNS) offers an ideal distributed database for big data mining related to different cyber security questions. Besides infrastructural problems, scalability issues, and security challenges related to the protocol itself, information from DNS is often required also for more nuanced cyber security questions. Against this backdrop, this paper discusses the fundamental characteristics…

Detach Me Not – DoS Attacks Against 4G Cellular Users Worldwide from your Desk

Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backend, the general awareness of security and privacy in telecommunication industry has increased. Misusing the technical features of mobile core network technology – specifically the Signaling System 7 (SS7) – has disclosed numerous ways to locate, track and manipulate the…

The Black Mark beside My Name Server: Exploring the Importance of Name Server IP Addresses in Malware DNS Graphs

This short exploratory empirical paper examines a question of how important the Internet protocol (IP) addresses of name servers are in linking together Internet domains that have distributed malware or otherwise having been associated with malicious computer networks. By using the domain name system (DNS) for building a relational representation, the found importance is elaborated…

A Survey on Aims and Environments of Diversification and Obfuscation in Software Security

Diversification and obfuscation methods are promising approaches used to secure software and prevent malware from functioning. Diversification makes each software instance unique so that malware attacks cannot rely on the knowledge of the program’s execution environment and/or internal structure anymore. We present a systematic literature review on the state-of-the-art of diversification and obfuscation research…

We Know Where You Are!

Mobile network technologies require some degree of tracking of user location, specifically user equipment tracking, as part of their fundamental mechanism of working. Without this basic function, features such as hand-over between cells would not work. Since mobile devices are typically associated with a single person, this provides a potential mechanism for user location surveillance….

Privacy in LTE networks

Ever since the public revelation of global surveillance and the exploits targeting the mobile communication backend, the general awareness of user privacy in telecommunication industry has increased. Misusing the technical features of mobile core network technology – specifically the Signalling System 7 (SS7) – has disclosed numerous ways to locate the mobile users, intercept the voice calls or…

Case Study of Security Development in an Agile Environment: Building Identity Management for a Government Agency

In contemporary software development projects and computing tasks, security concerns have an increasing effect, and sometimes even guide both the design and the project’s processes. In certain environments, the demand for the security becomes the main driver of the development. In these cases, the development of the product requires special security arrangements for development and…

Some dangers from 2G networks legacy support and a possible mitigation

We present in this short study, some of the well-known problems with the current legacy support for 2G cellular networks, and the security and authentication problems this poses, as demonstrated in recent document leaks about spying from US embassies. We have conducted focused radio measurements in the Helsinki Metropolitan area on these security problems and…

Towards Security-Explicit Formal Modelling of Safety-Critical Systems

Modern industrial control systems become increasingly interconnected and rely on external networks to provide their services. Hence they become vulnerable to security attacks that might directly jeopardise their safety. The growing understanding that if the system is not secure then it is not safe calls for novel development and verification techniques weaving security consideration into…

An integrated approach to deriving safety and security requirements from safety case

Increasing reliance on networking in modern safety-critical control systems requires novel methodologies integrating security consideration in the system development. We propose a systematic approach enabling systematic derivation of both safety and security constraints from the safety case. Safety case is a structured argument justifying system safety. We demonstrate how decomposition of safety goals results in…

An SDN-based approach to enhance the end-to-end security: SSL/TLS case study

End-to-end encryption is becoming the norm for many applications and services. While this improves privacy of individuals and organizations, the phenomenon also raises new kinds of challenges. For instance, with the increase of devices using encryption, the volumes of outdated, exploitable encryption software also increase. This may create some distrust amongst the users against security…

Faster Binary Curve Software: A Case Study

For decades, elliptic curves over binary fields appear in numerous standards including those mandated by NIST, SECG, and ANSI X9.62. Many popular security protocols such as TLS explicitly support these named curves, along with implementations of those protocols such as OpenSSL and NSS. Over the past few years, research in improving the performance and/or security…

Faster Software for Fast Endomorphisms

GLV curves (Gallant et al.) have performance advantages over standard elliptic curves, using half the number of point doublings for scalar multiplication. Despite their introduction in 2001, implementations of the GLV method have yet to permeate widespread software libraries. Furthermore, side-channel vulnerabilities, specifically cache-timing attacks, remain unpatched in the OpenSSL code base since the first…

Trading Exploits Online: A Preliminary Case Study

A software defect that exposes a software system to a cyber security attack is known as a software vulnerability. A software security exploit is an engineered software solution that successfully exploits the vulnerability. Exploits are used to break into computer systems, but exploits are currently used also for security testing, security analytics, intrusion detection, consultation,…

Instrumentation of Linux-based Mobile Device

Sensitive information is extensively stored and handled in users’ mobile devices, which sets challenges in terms of information security. One of the main targets of malicious mobile applications is to steal sensitive information. Mobile devices need tools and mechanisms to provide visibility into how applications access sensitive system resources and handle information. Security assessment for a…

Adaptive monitoring and management of security events with SDN

All along, changing connectivity requirements and new technologies have increased the complexity and dynamism of distributed systems, thus presenting tough challenges for network management and network security. As a result, new ways for monitoring and managing security events are required. We present a novel idea how to exploit the software defined networking…

Remote attestation for Embedded systems

Large distributed systems, like Industrial Control Systems, should be able to verify that devices that are connected to trusted entities are real authorized network nodes running unmodified firmware. Remote attestation is a mechanism that can provide limited confidence of device identity and integrity. Remote attestation allows a remote verifier, e.g. a service provider, to verify…

Software Vulnerability Life Cycles and the Age of Software Products: An Empirical Assertion with Operating System Products

This empirical paper examines whether the age of software products can explain the turnaround between the release of security advisories and the publication of vulnerability information. Building on the theoretical rationale of vulnerability life cycle modeling, this assertion is examined with an empirical sample that covers operating system releases from Microsoft and two Linux vendors. Estimation…

Practical implications and requirements of diversifying interpreted languages

Instruction set randomization (ISR) provides a strong defense against all types of injection attacks, especially in interpreted environments. However, fully enabling a system to benefit from language interpreters that support programs diversified with ISR requires several alterations and considerations. In this paper we identify core challenges related to enabling system-wide interpreter diversification. We also propose…