Cybersecurity

Feature Article

New Content Item

From proof-of-concept to exploitable

Exploitability assessment of vulnerabilities is important for both defenders and attackers. Existing solutions usually explore in depth the crashing paths and assess exploitability by finding exploitable states along the paths. However, exploitable states do not always exist in crashing paths. This paper utilizes oriented fuzzing to explore diverging paths from the vulnerability point and presents a novel solution to generate exploits for userspace programs and facilitate the process of crafting a kernel UAF exploit.

Recent
Most accessed

ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities

Authors: Yu Zhang, Wei Huo, Kunpeng Jian, Ji Shi, Longquan Liu, Yanyan Zou, Chao Zhang and Baoxu Liu

Content type: Research

19 July 2021
LSTM RNN: detecting exploit kits using redirection chain sequences

Authors: Jonah Burgess, Philip O’Kane, Sakir Sezer and Domhnall Carlin

Content type: Research

12 July 2021
Bin2vec: learning representations of binary executable programs for security tasks

Authors: Shushan Arakelyan, Sima Arasteh, Christophe Hauser, Erik Kline and Aram Galstyan

Content type: Research

1 July 2021
VAECGAN: a generating framework for long-term prediction in multivariate time series

Authors: Xiang Yin, Yanni Han, Zhen Xu and Jie Liu

Content type: Research

1 July 2021
Hypervisor-assisted dynamic malware analysis

Authors: Roee S. Leon, Michael Kiperberg, Anat Anatey Leon Zabag and Nezer Jacob Zaidenberg

Content type: Research

2 June 2021

Most recent articles RSS

View all articles

Survey of intrusion detection systems: techniques, datasets and challenges

Authors: Ansam Khraisat, Iqbal Gondal, Peter Vamplew and Joarder Kamruzzaman

Content type: Survey

17 July 2019
Fuzzing: a survey

Authors: Jun Li, Bodong Zhao and Chao Zhang

Content type: Survey

5 June 2018
Detecting telecommunication fraud by understanding the contents of a call

Authors: Qianqian Zhao, Kai Chen, Tongxin Li, Yi Yang and XiaoFeng Wang

Content type: Research

31 August 2018
Adversarial attack and defense in reinforcement learning-from AI security view

Authors: Tong Chen, Jiqiang Liu, Yingxiao Xiang, Wenjia Niu, Endong Tong and Zhen Han

Content type: Survey

29 March 2019
An emerging threat Fileless malware: a survey and research challenges

Authors: Sudhakar and Sushil Kumar

Content type: Survey

14 January 2020

Most accessed articles RSS

View all articles

Thematic Series

2020

Data-Driven Security
Edited by: Yang Liu, Xinming Ou, Xinyu Xing, Guozhu Meng

2019

Data Security and Privacy
Edited by: Dan Lin, Jingqiang Lin and Bo Luo

Information Abuse Prevention
Edited by: Gang Li and Jianlong Tan

2018
System Security Edited by: Peng Liu

AI and Security Edited by: Xiaofeng Wang

Why submit to us

• 1^st open access journal on Cybersecurity
• APC fully covered by IIE, CAS
• Served by a dedicated international editorial board to give thorough swift editorial response

Aims and scope

This journal is aimed to systematically cover all essential aspects of cybersecurity, with a focus on reporting on cyberspace security issues, the latest research results, and real-world deployment of security technologies.

The journal publishes research articles and reviews in the areas including, but not limited to:

• Cryptography and its applications
• Network and critical infrastructure security
• Hardware security
• Software and system security
• Cybersecurity data analytics
• Data-driven security and measurement studies
• Adversarial reasoning
• Malware analysis
• Privacy-enhancing technologies and anonymity
• IoT Security
• AI Security

Call for Papers

Thematic Series: Explainable Artificial Intelligence (X.A.I.) for Cyber Threat Intelligence
Submission Due: December 30, 2021
Guest Editors:
Prof. Youssef Baddi, Chouaib Doukkali University, Morocco
Prof. Yassine Maleh, Sultan Moulay Slimane University, Morocco
Prof. Lo'ai Tawalbeh, Texas A&M University, USA
Prof. Ahmed A. Abd El-Latif, Menoufia University, Egypt

Thematic Series: Zero Trust Access Architecture
Submission Due: December 15, 2021
Guest Editors:
Shiva Raj Pokhrel, Deakin University, Australia
Min Yu, Institute of Information Engineering, Chinese Academy of Sciences, China
Christos Douligeris, University of Piraeus, Greece
Constantinos Patsakis, University of Piraeus, Greece
Gang Li, Deakin University, Australia

Thematic Series: Applied Cryptography in Computer and Communications
Submission Due: August 1, 2021
Guest Editors:
Bo Chen, Michigan Technological University, USA
Xinyi Huang, Fujian Normal University, China
Miroslaw Kutylowski, Wroclaw University of Science and Technology, Poland
Joseph K. Liu, Monash University, Australia

Thematic Series: Trustworthy Smart Systems
Submission Due: July 31, 2021
Guest Editors:
Wei Wang, Beijing Jiaotong University, China
Yufei Han, INRIA, France
Bian Yang, Norwegian University of Science and Technology, Norway
Sencun Zhu, The Pennsylvania State University, USA

Upcoming Events

30th Usenix Security Symposium
(11–13 August 2021, Vancouver, Canada)
ACM Conference on Computer and Communications Security
(14-19 November 2021, Seoul, South Korea)

Editor-in-Chief: MENG Dan

New Content Item (1)

Full Professor in Institute of Information Engineering (IIE), Chinese Academy of Sciences (CAS). His work focuses on network and system security, parallel distributed processing. He has lead important research projects including Dawning supercomputers, National Science and Technology Major Project, National High Technology Research and Development Program of China, and strategic priority research program of CAS. He has published over one hundred peer-reviewed papers. He is the director of IIE, after serving as the deputy director of IIE, the deputy director of the High Technology Research and Development Bureau of CAS.

Executive Editor-in-Chief: LIU Peng

New Content Item (1)

LIU Peng received his BS and MS degrees from the University of Science and Technology of China, and his PhD from George Mason University in 1999. Dr. Liu is a Professor of Information Sciences and Technology, founding Director of the Center for Cyber-Security, Information Privacy, and Trust, and founding Director of the Cyber Security Lab at Penn State University. His research interests are in all areas of computer and network security. He has published a monograph and over 260 refereed technical papers. His research has been sponsored by NSF, ARO, AFOSR, DARPA, DHS, DOE, AFRL, NSA, TTC, CISCO, and HP. He has served as a program (co-)chair or general (co-)chair for over 10 international conferences (e.g., Asia CCS 2010) and workshops (e.g., MTD 2016). He chaired the Steering Committee of SECURECOMM during 2008-14. He has served on over 100 program committees and reviewed papers for numerous journals. He is an associate editor for IEEE TDSC. He is a recipient of the DOE Early Career Principle Investigator Award. He has co-led the effort to make Penn State a NSA-certified National Center of Excellence in Information Assurance Education and Research. He has advised or co-advised over 30 PhD dissertations to completion.

Cybersecurity

Feature Article

ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities

LSTM RNN: detecting exploit kits using redirection chain sequences

Bin2vec: learning representations of binary executable programs for security tasks

VAECGAN: a generating framework for long-term prediction in multivariate time series

Hypervisor-assisted dynamic malware analysis

Survey of intrusion detection systems: techniques, datasets and challenges

Fuzzing: a survey

Detecting telecommunication fraud by understanding the contents of a call

Adversarial attack and defense in reinforcement learning-from AI security view

An emerging threat Fileless malware: a survey and research challenges