Cybersecurity

From Proof-of-Concept to Exploitable

Exploitability assessment of vulnerabilities is important for both defenders and attackers. Existing solutions usually explore in depth the crashing paths and assess exploitability by finding exploitable states along the paths. However, exploitable states do not always exist in crashing paths. This paper utilizes oriented fuzzing to explore diverging paths from the vulnerability point and presents a novel solution to generate exploits for userspace programs and facilitate the process of crafting a kernel UAF exploit.

To read full article, please access: https://cybersecurity.springeropen.com/articles/10.1186/s42400-019-0028-9

Call for Editorial Board Members

Cybersecurity is an open-access, double-blind, peer-reviewed journal. This journal aims to systematically cover all essential aspects of cybersecurity, with a focus on reporting on cyberspace security issues, the latest research results, and real-world deployment of security technologies. For more information, please visit the journal homepage at: https://cybersecurity.springeropen.com/

We are looking for enterprising researchers or postgraduate researchers to act as the journal Editorial Board Members who active in the areas as mentioned below.

Click for more

Recent
Most accessed

Content type: Research
| 14 May 2019

ASSERT: attack synthesis and separation with entropy redistribution towards predictive cyber defense

Authors: Ahmet Okutan and Shanchieh Jay Yang
Content type: Research
| 15 April 2019

Creeper: a tool for detecting permission creep in file system access controls

Authors: Simon Parkinson, Saad Khan, James Bray and Daiyaan Shreef
Content type: Research
| 11 April 2019

Towards IP geolocation with intermediate routers based on topology discovery

Authors: Zhihao Wang, Hong Li, Qiang Li, Wei Li, Hongsong Zhu and Limin Sun
Content type: Research
| 29 March 2019

From proof-of-concept to exploitable

Authors: Yan Wang, Wei Wu, Chao Zhang, Xinyu Xing, Xiaorui Gong and Wei Zou
Content type: Survey
| 29 March 2019

Adversarial attack and defense in reinforcement learning-from AI security view

Authors: Tong Chen, Jiqiang Liu, Yingxiao Xiang, Wenjia Niu, Endong Tong and Zhen Han

Most recent articles RSS

View all articles

Content type: Survey
| 5 June 2018

Fuzzing: a survey

Authors: Jun Li, Bodong Zhao and Chao Zhang
Content type: Research
| 31 August 2018

Detecting telecommunication fraud by understanding the contents of a call

Authors: Qianqian Zhao, Kai Chen, Tongxin Li, Yi Yang and XiaoFeng Wang
Content type: Research
| 14 January 2019

DTrace: fine-grained and efficient data integrity checking with hardware instruction tracing

Authors: Xiayang Wang, Fuqian Huang and Haibo Chen
Content type: Research
| 5 June 2018

Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes

Authors: Chen Tian, Yazhe Wang, Peng Liu, Qihui Zhou and Chengyi Zhang
Content type: Survey
| 5 June 2018

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey

Authors: Qionglu Zhang, Shijie Jia, Bing Chang and Bo Chen

Most accessed articles RSS

View all articles

Thematic Series

System Security Edited by: Peng Liu

AI and Security Edited by: Xiaofeng Wang

Why submit to us

• 1^st open access journal on Cybersecurity
• APC fully covered by IIE, CAS
• Served by a dedicated international editorial board to give thorough swift editorial response

Aims and scope

This journal is aimed to systematically cover all essential aspects of cybersecurity, with a focus on reporting on cyberspace security issues, the latest research results, and real-world deployment of security technologies.

The journal publishes research articles and reviews in the areas including, but not limited to:

• Cryptography and its applications
• Network and critical infrastructure security
• Hardware security
• Software and system security
• Cybersecurity data analytics
• Data-driven security and measurement studies
• Adversarial reasoning
• Malware analysis
• Privacy-enhancing technologies and anonymity
• IoT Security
• AI Security

Call for Papers

Thematic Series: Hardware Security

Submission Due: June 30, 2019

Guest Editors:
Haibo Chen, Shanghai Jiao Tong University, China
Yinqian Zhang, The Ohio State University, USA
Rui Hou, Chinese Academy of Sciences, China

Upcoming Events

The 40th IEEE Symposium on Security and Privacy
(20-22 May 2019, San Francisco, CA, USA)

The 28th USENIX Security Symposium
(14-16 August 2019, Santa Clara, CA, USA)

The 22nd International Symposium on Research in Attacks, Intrusions and Defenses
(23-25 September 2019, Beijing, China)

The 26th ACM Conference on Computer and Communications Security
(11-15 November 2019, London, UK)

Editor-in-Chief: MENG Dan

New Content Item (1)

Full Professor in Institute of Information Engineering (IIE), Chinese Academy of Sciences (CAS). His work focuses on network and system security, parallel distributed processing. He has lead important research projects including Dawning supercomputers, National Science and Technology Major Project, National High Technology Research and Development Program of China, and strategic priority research program of CAS. He has published over one hundred peer-reviewed papers. He is the director of IIE, after serving as the deputy director of IIE, the deputy director of the High Technology Research and Development Bureau of CAS.

Executive Editor-in-Chief: LIU Peng

New Content Item (1)

LIU Peng received his BS and MS degrees from the University of Science and Technology of China, and his PhD from George Mason University in 1999. Dr. Liu is a Professor of Information Sciences and Technology, founding Director of the Center for Cyber-Security, Information Privacy, and Trust, and founding Director of the Cyber Security Lab at Penn State University. His research interests are in all areas of computer and network security. He has published a monograph and over 260 refereed technical papers. His research has been sponsored by NSF, ARO, AFOSR, DARPA, DHS, DOE, AFRL, NSA, TTC, CISCO, and HP. He has served as a program (co-)chair or general (co-)chair for over 10 international conferences (e.g., Asia CCS 2010) and workshops (e.g., MTD 2016). He chaired the Steering Committee of SECURECOMM during 2008-14. He has served on over 100 program committees and reviewed papers for numerous journals. He is an associate editor for IEEE TDSC. He is a recipient of the DOE Early Career Principle Investigator Award. He has co-led the effort to make Penn State a NSA-certified National Center of Excellence in Information Assurance Education and Research. He has advised or co-advised over 30 PhD dissertations to completion.

Cybersecurity

From Proof-of-Concept to Exploitable

Call for Editorial Board Members

ASSERT: attack synthesis and separation with entropy redistribution towards predictive cyber defense

Creeper: a tool for detecting permission creep in file system access controls

Towards IP geolocation with intermediate routers based on topology discovery

From proof-of-concept to exploitable

Adversarial attack and defense in reinforcement learning-from AI security view

Fuzzing: a survey

Detecting telecommunication fraud by understanding the contents of a call

DTrace: fine-grained and efficient data integrity checking with hardware instruction tracing

Using IM-Visor to stop untrusted IME apps from stealing sensitive keystrokes

Ensuring data confidentiality via plausibly deniable encryption and secure deletion – a survey