Articles

Page 3 of 5

Embedded fuzzing: a review of challenges, tools, and solutions

Fuzzing has become one of the best-established methods to uncover software bugs. Meanwhile, the market of embedded systems, which binds the software execution tightly to the very hardware architecture, has gro...

Authors: Max Eisele, Marcello Maugeri, Rachna Shriwas, Christopher Huth and Giampaolo Bella

Citation: Cybersecurity 2022 5:18

Content type: Review Published on: 2 September 2022
- View Full Text
- View PDF
CAMFuzz: Explainable Fuzzing with Local Interpretation

Grey-box fuzzing techniques have been widely used in software bug finding. In general, there are many decisions to make in the fuzzing process, including which code block in the target program should be explor...

Authors: Ji Shi, Wei Zou, Chao Zhang, Lingxiao Tan, Yanyan Zou, Yue Peng and Wei Huo

Citation: Cybersecurity 2022 5:17

Content type: Research Published on: 1 September 2022
- View Full Text
- View PDF
Sarve: synthetic data and local differential privacy for private frequency estimation

The collection of user attributes by service providers is a double-edged sword. They are instrumental in driving statistical analysis to train more accurate predictive models like recommenders. The analysis of...

Authors: Gatha Varma, Ritu Chauhan and Dhananjay Singh

Citation: Cybersecurity 2022 5:26

Content type: Research Published on: 3 August 2022
- View Full Text
- View PDF
On building machine learning pipelines for Android malware detection: a procedural survey of practices, challenges and opportunities

As the smartphone market leader, Android has been a prominent target for malware attacks. The number of malicious applications (apps) identified for it has increased continually over the past decade, creating ...

Authors: Masoud Mehrabi Koushki, Ibrahim AbuAlhaol, Anandharaju Durai Raju, Yang Zhou, Ronnie Salvador Giagone and Huang Shengqiang

Citation: Cybersecurity 2022 5:16

Content type: Survey Published on: 2 August 2022
- View Full Text
- View PDF
Hybrid dual attack on LWE with arbitrary secrets

In this paper, we study the hybrid dual attack over learning with errors (LWE) problems for any secret distribution. Prior to our work, hybrid attacks are only considered for sparse and/or small secrets. A new an...

Authors: Lei Bi, Xianhui Lu, Junjie Luo, Kunpeng Wang and Zhenfei Zhang

Citation: Cybersecurity 2022 5:15

Content type: Research Published on: 1 August 2022
- View Full Text
- View PDF
The inconsistency of documentation: a study of online C standard library documents

The C standard libraries are basic function libraries standardized by the C language. Programmers usually refer to their API documentation provided by third-party websites. Unfortunately, these documents are n...

Authors: Ruishi Li, Yunfei Yang, Jinghua Liu, Peiwei Hu and Guozhu Meng

Citation: Cybersecurity 2022 5:14

Content type: Research Published on: 2 July 2022
- View Full Text
- View PDF
Hash-based signature revisited

The current development toward quantum attack has shocked our confidence on classical digital signature schemes. As one of the mainstreams of post quantum cryptography primitives, hash-based signature has attr...

Authors: Lingyun Li, Xianhui Lu and Kunpeng Wang

Citation: Cybersecurity 2022 5:13

Content type: Review Published on: 1 July 2022
- View Full Text
- View PDF
Improved conditional differential attacks on lightweight hash family QUARK

Nonlinear feedback shift register (NFSR) is one of the most important cryptographic primitives in lightweight cryptography. At ASIACRYPT 2010, Knellwolf et al. proposed conditional differential attack to perfo...

Authors: Xiaojuan Lu, Bohan Li, Meicheng Liu and Dongdai Lin

Citation: Cybersecurity 2022 5:12

Content type: Research Published on: 2 June 2022
- View Full Text
- View PDF
A flexible approach for cyber threat hunting based on kernel audit records

Hunting the advanced threats hidden in the enterprise networks has always been a complex and difficult task. Due to the variety of attacking means, it is difficult for traditional security systems to detect th...

Authors: Fengyu Yang, Yanni Han, Ying Ding, Qian Tan and Zhen Xu

Citation: Cybersecurity 2022 5:11

Content type: Research Published on: 1 June 2022
- View Full Text
- View PDF
Generic, efficient and isochronous Gaussian sampling over the integers

Gaussian sampling over the integers is one of the fundamental building blocks of lattice-based cryptography. Among the extensively used trapdoor sampling algorithms, it is ineluctable until now. Under the infl...

Authors: Shuo Sun, Yongbin Zhou, Yunfeng Ji, Rui Zhang and Yang Tao

Citation: Cybersecurity 2022 5:10

Content type: Research Published on: 2 May 2022
- View Full Text
- View PDF
Enabling data-driven anomaly detection by design in cyber-physical production systems

Designing and developing distributed cyber-physical production systems (CPPS) is a time-consuming, complex, and error-prone process. These systems are typically heterogeneous, i.e., they consist of multiple co...

Authors: Rui Pinto, Gil Gonçalves, Jerker Delsing and Eduardo Tovar

Citation: Cybersecurity 2022 5:9

Content type: Research Published on: 1 May 2022
- View Full Text
- View PDF
TriCTI: an actionable cyber threat intelligence discovery system via trigger-enhanced neural network

The cybersecurity report provides unstructured actionable cyber threat intelligence (CTI) with detailed threat attack procedures and indicators of compromise (IOCs), e.g., malware hash or URL (uniform resource...

Authors: Jian Liu, Junjie Yan, Jun Jiang, Yitong He, Xuren Wang, Zhengwei Jiang, Peian Yang and Ning Li

Citation: Cybersecurity 2022 5:8

Content type: Research Published on: 2 April 2022
- View Full Text
- View PDF
Abstract security patterns and the design of secure systems

During the initial stages of software development, the primary goal is to define precise and detailed requirements without concern for software realizations. Security constraints should be introduced then and ...

Authors: Eduardo B. Fernandez, Nobukazu Yoshioka, Hironori Washizaki and Joseph Yoder

Citation: Cybersecurity 2022 5:7

Content type: Research Published on: 1 April 2022
- View Full Text
- View PDF
Identifying high-risk over-entitlement in access control policies using fuzzy logic

Analysing access control policies is an essential process for ensuring over-prescribed permissions are identified and removed. This is a time-consuming and knowledge-intensive process, largely because there is...

Authors: Simon Parkinson and Saad Khana

Citation: Cybersecurity 2022 5:6

Content type: Research Published on: 2 March 2022
- View Full Text
- View PDF
Blockchain abnormal behavior awareness methods: a survey

With the wide application and development of blockchain technology in various fields such as finance, government affairs and medical care, security incidents occur frequently on it, which brings great threats ...

Authors: Chuyi Yan, Chen Zhang, Zhigang Lu, Zehui Wang, Yuling Liu and Baoxu Liu

Citation: Cybersecurity 2022 5:5

Content type: Survey Published on: 1 March 2022
- View Full Text
- View PDF
Threats, attacks and defenses to federated learning: issues, taxonomy and perspectives

Empirical attacks on Federated Learning (FL) systems indicate that FL is fraught with numerous attack surfaces throughout the FL execution. These attacks can not only cause models to fail in specific tasks, bu...

Authors: Pengrui Liu, Xiangrui Xu and Wei Wang

Citation: Cybersecurity 2022 5:4

Content type: Survey Published on: 2 February 2022
- View Full Text
- View PDF
TIM: threat context-enhanced TTP intelligence mining on unstructured threat data

TTPs (Tactics, Techniques, and Procedures), which represent an attacker’s goals and methods, are the long period and essential feature of the attacker. Defenders can use TTP intelligence to perform the penetra...

Authors: Yizhe You, Jun Jiang, Zhengwei Jiang, Peian Yang, Baoxu Liu, Huamin Feng, Xuren Wang and Ning Li

Citation: Cybersecurity 2022 5:3

Content type: Research Published on: 1 February 2022
- View Full Text
- View PDF
A decade of research on patterns and architectures for IoT security

Security of the Internet of Things (IoT)-based Smart Systems involving sensors, actuators and distributed control loop is of paramount importance but very difficult to address. Security patterns consist of dom...

Authors: Tanusan Rajmohan, Phu H. Nguyen and Nicolas Ferry

Citation: Cybersecurity 2022 5:2

Content type: Review Published on: 5 January 2022
- View Full Text
- View PDF
Performance analysis of machine learning models for intrusion detection system using Gini Impurity-based Weighted Random Forest (GIWRF) feature selection technique

To protect the network, resources, and sensitive data, the intrusion detection system (IDS) has become a fundamental component of organizations that prevents cybercriminal activities. Several approaches have b...

Authors: Raisa Abedin Disha and Sajjad Waheed

Citation: Cybersecurity 2022 5:1

Content type: Research Published on: 4 January 2022
- View Full Text
- View PDF
LSGAN-AT: enhancing malware detector robustness against adversarial examples

Adversarial Malware Example (AME)-based adversarial training can effectively enhance the robustness of Machine Learning (ML)-based malware detectors against AME. AME quality is a key factor to the robustness e...

Authors: Jianhua Wang, Xiaolin Chang, Yixiang Wang, Ricardo J. Rodríguez and Jianan Zhang

Citation: Cybersecurity 2021 4:38

Content type: Research Published on: 2 December 2021
- View Full Text
- View PDF
Privacy preserving divisible double auction with a hybridized TEE-blockchain system

Double auction mechanisms have been designed to trade a variety of divisible resources (e.g., electricity, mobile data, and cloud resources) among distributed agents. In such divisible double auction, all the ...

Authors: Bingyu Liu, Shangyu Xie, Yuanzhou Yang, Rujia Wang and Yuan Hong

Citation: Cybersecurity 2021 4:37

Content type: Research Published on: 1 December 2021
- View Full Text
- View PDF
Indexing structures for the PLS blockchain

This paper studies known indexing structures from a new point of view: minimisation of data exchange between an IoT device acting as a blockchain client and the blockchain server running a protocol suite that ...

Authors: Alex Shafarenko

Citation: Cybersecurity 2021 4:36

Content type: Research Published on: 2 November 2021
- View Full Text
- View PDF
Transparency order versus confusion coefficient: a case study of NIST lightweight cryptography S-Boxes

Side-channel resistance is nowadays widely accepted as a crucial factor in deciding the security assurance level of cryptographic implementations. In most cases, non-linear components (e.g. S-Boxes) of cryptog...

Authors: Huizhong Li, Guang Yang, Jingdian Ming, Yongbin Zhou and Chengbin Jin

Citation: Cybersecurity 2021 4:35

Content type: Research Published on: 1 November 2021
- View Full Text
- View PDF
Verifiable image revision from chameleon hashes

In a digital society, the rapid development of computer science and the Internet has greatly facilitated image applications. However, one of the public network also brings risks to both image tampering and pri...

Authors: Junpeng Xu, Haixia Chen, Xu Yang, Wei Wu and Yongcheng Song

Citation: Cybersecurity 2021 4:34

Content type: Research Published on: 2 October 2021
- View Full Text
- View PDF
Multidimensional linear cryptanalysis with key difference invariant bias for block ciphers

For block ciphers, Bogdanov et al. found that there are some linear approximations satisfying that their biases are deterministically invariant under key difference. This property is called key difference inva...

Authors: Wenqin Cao and Wentao Zhang

Citation: Cybersecurity 2021 4:32

Content type: Research Published on: 1 October 2021
- View Full Text
- View PDF
Position paper: GPT conjecture: understanding the trade-offs between granularity, performance and timeliness in control-flow integrity

Performance/security trade-off is widely noticed in CFI research, however, we observe that not every CFI scheme is subject to the trade-off. Motivated by the key observation, we ask three questions: ➊ does tra...

Authors: Zhilong Wang and Peng Liu

Citation: Cybersecurity 2021 4:33

Content type: Research Published on: 16 September 2021
- View Full Text
- View PDF
Confidential machine learning on untrusted platforms: a survey

With the ever-growing data and the need for developing powerful machine learning models, data owners increasingly depend on various untrusted platforms (e.g., public clouds, edges, and machine learning service...

Authors: Sharma Sagar and Chen Keke

Citation: Cybersecurity 2021 4:30

Content type: Survey Published on: 1 September 2021
- View Full Text
- View PDF
Bayesian network model to distinguish between intentional attacks and accidental technical failures: a case study of floodgates

Water management infrastructures such as floodgates are critical and increasingly operated by Industrial Control Systems (ICS). These systems are becoming more connected to the internet, either directly or thr...

Authors: Sabarathinam Chockalingam, Wolter Pieters, André Teixeira and Pieter van Gelder

Citation: Cybersecurity 2021 4:29

Content type: Research Published on: 1 September 2021
- View Full Text
- View PDF
ICPFuzzer: proprietary communication protocol fuzzing by using machine learning and feedback strategies

The fuzzing test is able to discover various vulnerabilities and has more chances to hit the zero-day targets. And ICS(Industrial control system) is currently facing huge security threats and requires security...

Authors: Pei-Yi Lin, Chia-Wei Tien, Ting-Chun Huang and Chin-Wei Tien

Citation: Cybersecurity 2021 4:28

Content type: Research Published on: 3 August 2021
- View Full Text
- View PDF
Social engineering in cybersecurity: a domain ontology and knowledge graph application examples

Social engineering has posed a serious threat to cyberspace security. To protect against social engineering attacks, a fundamental work is to know what constitutes social engineering. This paper first develops...

Authors: Zuoguang Wang, Hongsong Zhu, Peipei Liu and Limin Sun

Citation: Cybersecurity 2021 4:31

Content type: Research Published on: 2 August 2021
- View Full Text
- View PDF
Machine learning for intrusion detection in industrial control systems: challenges and lessons from experimental evaluation

Gradual increase in the number of successful attacks against Industrial Control Systems (ICS) has led to an urgent need to create defense mechanisms for accurate and timely detection of the resulting process a...

Authors: Gauthama Raman M. R., Chuadhry Mujeeb Ahmed and Aditya Mathur

Citation: Cybersecurity 2021 4:27

Content type: Research Published on: 2 August 2021
- View Full Text
- View PDF
Quantum key recovery attack on SIMON32/64

The quantum security of lightweight block ciphers is receiving more and more attention. However, the existing quantum attacks on lightweight block ciphers only focused on the quantum exhaustive search, while t...

Authors: Hui Liu and Li Yang

Citation: Cybersecurity 2021 4:23

Content type: Research Published on: 2 August 2021
- View Full Text
- View PDF
B2SMatcher: fine-Grained version identification of open-Source software in binary files

Codes of Open Source Software (OSS) are widely reused during software development nowadays. However, reusing some specific versions of OSS introduces 1-day vulnerabilities of which details are publicly availab...

Authors: Gu Ban, Lili Xu, Yang Xiao, Xinhua Li, Zimu Yuan and Wei Huo

Citation: Cybersecurity 2021 4:21

Content type: Research Published on: 2 August 2021
- View Full Text
- View PDF
ESRFuzzer: an enhanced fuzzing framework for physical SOHO router devices to discover multi-Type vulnerabilities

SOHO (small office/home office) routers provide services for end devices to connect to the Internet, playing an important role in cyberspace. Unfortunately, security vulnerabilities pervasively exist in these ...

Authors: Yu Zhang, Wei Huo, Kunpeng Jian, Ji Shi, Longquan Liu, Yanyan Zou, Chao Zhang and Baoxu Liu

Citation: Cybersecurity 2021 4:24

Content type: Research Published on: 19 July 2021
- View Full Text
- View PDF
LSTM RNN: detecting exploit kits using redirection chain sequences

While consumers use the web to perform routine activities, they are under the constant threat of attack from malicious websites. Even when visiting ‘trusted’ sites, there is always a risk that site is compromi...

Authors: Jonah Burgess, Philip O’Kane, Sakir Sezer and Domhnall Carlin

Citation: Cybersecurity 2021 4:25

Content type: Research Published on: 12 July 2021
- View Full Text
- View PDF
Bin2vec: learning representations of binary executable programs for security tasks

Tackling binary program analysis problems has traditionally implied manually defining rules and heuristics, a tedious and time consuming task for human analysts. In order to improve automation and scalability,...

Authors: Shushan Arakelyan, Sima Arasteh, Christophe Hauser, Erik Kline and Aram Galstyan

Citation: Cybersecurity 2021 4:26

Content type: Research Published on: 1 July 2021
- View Full Text
- View PDF
VAECGAN: a generating framework for long-term prediction in multivariate time series

Long-term prediction is still a difficult problem in data mining. People usually use various kinds of methods of Recurrent Neural Network to predict. However, with the increase of the prediction step, the accu...

Authors: Xiang Yin, Yanni Han, Zhen Xu and Jie Liu

Citation: Cybersecurity 2021 4:22

Content type: Research Published on: 1 July 2021
- View Full Text
- View PDF
Evaluation indicators for open-source software: a review

In recent years, the widespread applications of open-source software (OSS) have brought great convenience for software developers. However, it is always facing unavoidable security risks, such as open-source c...

Authors: Yuhang Zhao, Ruigang Liang, Xiang Chen and Jing Zou

Citation: Cybersecurity 2021 4:20

Content type: Survey Published on: 2 June 2021
- View Full Text
- View PDF
Hypervisor-assisted dynamic malware analysis

Malware analysis is a task of utmost importance in cyber-security. Two approaches exist for malware analysis: static and dynamic. Modern malware uses an abundance of techniques to evade both dynamic and static...

Authors: Roee S. Leon, Michael Kiperberg, Anat Anatey Leon Zabag and Nezer Jacob Zaidenberg

Citation: Cybersecurity 2021 4:19

Content type: Research Published on: 2 June 2021
- View Full Text
- View PDF
Searching for impossible subspace trails and improved impossible differential characteristics for SIMON-like block ciphers

In this paper, we greatly increase the number of impossible differentials for SIMON and SIMECK by eliminating the 1-bit constraint in input/output difference, which is the precondition to ameliorate the comple...

Authors: Xuzi Wang, Baofeng Wu, Lin Hou and Dongdai Lin

Citation: Cybersecurity 2021 4:17

Content type: Research Published on: 2 June 2021
- View Full Text
- View PDF
A secure and highly efficient first-order masking scheme for AES linear operations

Due to its provable security and remarkable device-independence, masking has been widely accepted as a noteworthy algorithmic-level countermeasure against side-channel attacks. However, relatively high cost of...

Authors: Jingdian Ming, Yongbin Zhou, Huizhong Li and Qian Zhang

Citation: Cybersecurity 2021 4:14

Content type: Research Published on: 2 June 2021
- View Full Text
- View PDF
DeepMal: maliciousness-Preserving adversarial instruction learning against static malware detection

Outside the explosive successful applications of deep learning (DL) in natural language processing, computer vision, and information retrieval, there have been numerous Deep Neural Networks (DNNs) based altern...

Authors: Chun Yang, Jinghui Xu, Shuangshuang Liang, Yanna Wu, Yu Wen, Boyang Zhang and Dan Meng

Citation: Cybersecurity 2021 4:16

Content type: Research Published on: 14 May 2021
- View Full Text
- View PDF
An efficient fully dynamic group signature with message dependent opening from lattice

Message-dependent opening is one of the solutions to solve the problem of the tracing manager owns excessive power. In this paper, we present a new lattice-based fully dynamic group signature scheme with messa...

Authors: Yiru Sun and Yanyan Liu

Citation: Cybersecurity 2021 4:15

Content type: Research Published on: 3 May 2021
- View Full Text
- View PDF
TKCA: a timely keystroke-based continuous user authentication with short keystroke sequence in uncontrolled settings

Keystroke-based behavioral biometrics have been proven effective for continuous user authentication. Current state-of-the-art algorithms have achieved outstanding results in long text or short text collected b...

Authors: Lulu Yang, Chen Li, Ruibang You, Bibo Tu and Linghui Li

Citation: Cybersecurity 2021 4:13

Content type: Research Published on: 3 May 2021
- View Full Text
- View PDF
Data and knowledge-driven named entity recognition for cyber security

Named Entity Recognition (NER) for cyber security aims to identify and classify cyber security terms from a large number of heterogeneous multisource cyber security texts. In the field of machine learning, dee...

Authors: Chen Gao, Xuan Zhang and Hui Liu

Citation: Cybersecurity 2021 4:9

Content type: Research Published on: 3 May 2021
- View Full Text
- View PDF
Deriving invariant checkers for critical infrastructure using axiomatic design principles

Cyber-physical systems (CPSs) in critical infrastructure face serious threats of attack, motivating research into a wide variety of defence mechanisms such as those that monitor for violations of invariants, i.e....

Authors: Cheah Huei Yoong, Venkata Reddy Palleti, Rajib Ranjan Maiti, Arlindo Silva and Christopher M Poskitt

Citation: Cybersecurity 2021 4:6

Content type: Research Published on: 2 April 2021
- View Full Text
- View PDF
Precision time protocol attack strategies and their resistance to existing security extensions

The IEEE 1588 precision time protocol (PTP) is very important for many industrial sectors and applications that require time synchronization accuracy between computers down to microsecond and even nanosecond l...

Authors: Waleed Alghamdi and Michael Schukat

Citation: Cybersecurity 2021 4:12

Content type: Research Published on: 1 April 2021
- View Full Text
- View PDF
An end-to-end text spotter with text relation networks

Reading text in images automatically has become an attractive research topic in computer vision. Specifically, end-to-end spotting of scene text has attracted significant research attention, and relatively ide...

Authors: Jianguo Jiang, Baole Wei, Min Yu, Gang Li, Boquan Li, Chao Liu, Min Li and Weiqing Huang

Citation: Cybersecurity 2021 4:7

Content type: Research Published on: 1 April 2021
- View Full Text
- View PDF
A critical review of intrusion detection systems in the internet of things: techniques, deployment strategy, validation strategy, attacks, public datasets and challenges

The Internet of Things (IoT) has been rapidly evolving towards making a greater impact on everyday life to large industrial systems. Unfortunately, this has attracted the attention of cybercriminals who made I...

Authors: Ansam Khraisat and Ammar Alazab

Citation: Cybersecurity 2021 4:18

Content type: Survey Published on: 8 March 2021
- View Full Text
- View PDF
Neutron: an attention-based neural decompiler

Decompilation aims to analyze and transform low-level program language (PL) codes such as binary code or assembly code to obtain an equivalent high-level PL. Decompilation plays a vital role in the cyberspace ...

Authors: Ruigang Liang, Ying Cao, Peiwei Hu and Kai Chen

Citation: Cybersecurity 2021 4:5

Content type: Research Published on: 5 March 2021
- View Full Text
- View PDF

How was your experience today?

Rating Please select one rating

Awful

Bad

Good

Great

Thank you for your feedback.

Tell us why (opens in a new tab)

Articles

Affiliated with

The journal is indexed by

Annual Journal Metrics