Cyberspace Safety and Security 13th International Symposium, CSS 2021, Virtual Event, November 9-11, 2021, Proceedings

The LNCS 13172 constitute the proceedings of the 13th International Symposium on Cyberspace Safety and Security, CSS 2021, held online, in November 2021.The 9 full papers and 5 short papers presented in this book were carefully reviewed and selected from 35 submissions. The conference focuses on Cy...

Full description

Saved in:

Bibliographic Details
Main Authors	Meng, Weizhi, Conti, Mauro
Format	eBook
Language	English
Published	Netherlands Springer Nature 2022 Springer International Publishing AG Springer International Publishing
Edition	1
Series	Lecture Notes in Computer Science
Subjects	Computer networks Computer programming, programs, data Computer security Internet-Security measures-Congresses
Online Access	Get full text
ISBN	3030940292 9783030940294 9783030940287 3030940284

Cover

Table of Contents:

4.1 Threat Model -- 4.2 Security Design -- 4.3 Post-quantum Security Analysis -- 5 Performance Evaluation -- 5.1 Execution Time -- 5.2 On-Chain Storage Space -- 5.3 Discussion About the Implications of Experiment Results -- 6 Conclusion -- References -- Flexible and Survivable Single Sign-On -- 1 Introduction -- 2 Related Work -- 3 System Model -- 4 Threat Model -- 5 Survivable Token Release -- 6 Security Guarantees -- 7 Integration with Credentials Verification and Storage Protocols -- 8 Conclusions -- References -- The Analysis and Implication of Data Deduplication in Digital Forensics -- 1 Introduction -- 2 Data Deduplication: An in Depth Examination -- 2.1 Data Deduplication - An Overview -- 2.2 OpenDedup vs. Windows Server 2012 -- 3 Affecting File System Forensic Analysis Effectiveness -- 3.1 TSK Tools -- 3.2 Effects of Data Deduplication on File System Forensics -- 3.3 Extending TSK -- 4 Positive Implications of Data Deduplication -- 5 Related Works -- 6 Conclusion -- References -- Author Index
Intro -- Preface -- Organization -- Contents -- Encrypted Malicious Traffic Detection Based on Ensemble Learning -- 1 Introduction -- 2 Related Work -- 2.1 Malicious Traffic Detection Based on Machine Learning -- 2.2 Malicious Traffic Detection Based on Deep Learning -- 3 Encrypted Malicious Traffic Detection Based on Ensemble Learning -- 3.1 Overview of Proposed Method -- 3.2 Feature Extracting -- 3.3 Primary Classifier for Statistical Features -- 3.4 Primary Classifier for Protocol Features -- 3.5 Ensemble Classifier Based on Stacking Algorithm -- 4 Evaluation -- 4.1 Experimental Environment -- 4.2 Dataset -- 4.3 Experiment Evaluation -- 4.4 Experimental Results -- 5 Conclusion -- References -- A Federated Learning Assisted Conditional Privacy Preserving Scheme for Vehicle Networks -- 1 Introduction -- 1.1 Our Contributions -- 1.2 Organisation of the Paper -- 2 Related Works -- 3 Preliminaries -- 3.1 Federated Learning -- 3.2 Fog Computing -- 3.3 Homomorphic Encryption -- 4 Models and Definitions -- 4.1 System Model -- 4.2 Adversary Model -- 4.3 Security Requirements -- 5 The Proposed Scheme -- 5.1 Initialization -- 5.2 Vehicle Data Collection -- 5.3 Fog Node Training -- 5.4 Cloud Server Aggregating -- 5.5 Model Analysis and Regulation -- 6 Security and Efficiency Analysis -- 6.1 Security Analysis -- 6.2 Efficiency Analysis -- 7 Conclusion -- References -- Dissecting Membership Inference Risk in Machine Learning -- 1 Introduction -- 2 Related Work -- 2.1 Customized Neural Network Based Classifiers -- 2.2 Confidence Score Based Membership Inference -- 2.3 Label Only Membership Inference -- 3 Notations -- 4 Activation Pattern Based MIA -- 5 Experimental Setup -- 6 Experimentation -- 6.1 Evaluating MIAs -- 6.2 Classification Correctness and Confidence Scores -- 6.3 Manipulating Membership Inference Results -- 7 Conclusion -- References
Webshell Detection Based on Explicit Duration Recurrent Network -- 1 Introduction -- 2 Related Work -- 3 Model Architecture -- 3.1 Feature Extraction -- 3.2 Feature Vectorization -- 3.3 EDRN -- 4 Experiment -- 4.1 Dataset -- 4.2 Evaluation Criteria -- 4.3 Experiment Result -- 5 Conclusion -- References -- A Practical Botnet Traffic Detection System Using GNN -- 1 Introduction -- 2 Related Work -- 2.1 From Traffic Pattern -- 2.2 Use DNS Black List -- 2.3 From Traffic Topology -- 3 GNN Based Botnet Traffic Detection System -- 3.1 System Overview -- 3.2 Data Processing Module -- 3.3 Detection Module with GNN -- 3.4 Visualisation Module -- 4 System Evaluation and Case Studies -- 4.1 Experiment Settings and Environment -- 4.2 Evaluation Metric -- 4.3 Case Study 1: P2P Botnet -- 4.4 Case Study 2: C&amp -- C Botnet -- 5 Conclusion and Future Work -- References -- Vulnerability and Transaction Behavior Based Detection of Malicious Smart Contracts -- 1 Introduction -- 2 Background and Related Work -- 2.1 Vulnerability Detection -- 2.2 Transaction Based Techniques -- 3 Methodology -- 4 Evaluation and Results -- 4.1 Data -- 4.2 Results -- 5 Conclusion and Discussion -- References -- A Novel Method of Template Protection and Two-Factor Authentication Protocol Based on Biometric and PUF -- 1 Introduction -- 2 Method -- 2.1 System Model -- 2.2 Method Description -- 3 Experiment -- 3.1 Experiment Settings -- 3.2 Experimental Results and Analysis -- 3.3 Revocability and Unlinkability -- 4 Conclusion -- References -- Realizing Information Flow Control in ABAC Mining -- 1 Introduction -- 2 Motivation -- 3 Information Flow Analysis in ABAC -- 4 Flow-Secure ABAC Mining -- 5 Related Works -- 6 Conclusions -- References -- Weak Password Scanning System for Penetration Testing -- 1 Introduction -- 2 Related Work -- 3 Principle of Weak Password Scanning
4 Design and Implementation -- 4.1 Interface Module -- 4.2 Data Reading Processing Module -- 4.3 IP Address Survival Detection Module -- 4.4 Task Scheduling Module -- 4.5 Weak Password Scanning Plugin Module -- 5 System Testing and Result Analysis -- 6 Conclusion -- References -- Environmental Adaptive Privacy Preserving Contact Tracing System for Respiratory Infectious Diseases -- 1 Introduction -- 1.1 Background -- 1.2 Related Work -- 1.3 Our Contribution -- 2 Environmental Factors -- 2.1 Overview -- 2.2 Measurement -- 3 Contact Tracing -- 3.1 Anonymous Discrete Real-Time Tracking -- 3.2 Exceptions -- 3.3 Evaluation -- 4 Framework and Threat Models -- 4.1 Framework -- 4.2 Threat Model -- 5 Construction from Rerandomizable Signatures -- 5.1 Overview of Building Block -- 5.2 Protocol Constructions -- 5.3 Security Analysis -- 6 Experiments and Evaluation -- 7 Future Work -- References -- A Privacy-Preserving Logistics Information System with Traceability -- 1 Introduction -- 1.1 Related Work -- 1.2 Paper Organisation -- 2 Preliminaries -- 2.1 Bilinear Groups -- 2.2 Complexity Assumptions -- 2.3 Formal Definition -- 2.4 Security Requirements -- 3 Construction of Our Scheme -- 3.1 High-Level Overview -- 3.2 Formal Construction -- 4 Security Analysis -- 5 Experiment and Evaluation -- 5.1 Runtime Environment -- 5.2 Timing -- 6 Conclusions -- References -- Post-quantum Key Escrow for Supervised Secret Data Sharing on Consortium Blockchain -- 1 Introduction -- 1.1 Research Contribution -- 1.2 Related Works -- 1.3 Paper Organization -- 2 Preliminaries -- 2.1 Consortium Blockchain and Hyperledger Fabric -- 2.2 Key Escrow Systems and Example Protocol -- 2.3 Post-quantum Public-Key Encryption/KEM Algorithms in the NIST Call -- 3 System Design and Implementation -- 3.1 System Architecture and Execution Flow -- 3.2 System Implementation -- 4 Security Analysis