Hybrid event
Papers
G. Marvin (dSPACE Engineering d.o.o., Zagreb, Croatia) The Latest Developments and Future Perspectives of Artificial Intelligence Systems for In-Vehicle Communication Intrusion Detection
CAN (Controller Area Network) is a message-based protocol that achieves communication by exchanging packets of data between devices on the network. The protocol is widely used for in-vehicle communication in the automotive industry as it is designed to be robust, able to handle a high rate of data transfer, and tolerant of electrical noise. However, the original CAN implementation lacks built-in security mechanisms, which makes it vulnerable to intrusion attacks that can be detrimental to the driver or to the system itself. With the very rapid evolution of Artificial Intelligence (AI), various Intrusion Detection Systems (IDS) have been developed to tackle the problem of detecting these attacks. In a controlled environment, the new technology makes very fast and accurate attack detection possible. This article surveys several approaches that introduce state-of-the-art (SoA) methodologies in the field of AI-based IDS. A comparison of various known attacks and detection techniques on available benchmark datasets is given, and a few advanced improvements of current security implementations, together with their limitations, are emphasized.
M. Kaniški, J. Dobša, D. Kermek (Fakultet organizacije i informatike, Varaždin, Croatia) Deep Learning within the Web Application Security Scope – Literature Review
Over the last few years, several breakthroughs in deep learning have contributed to the development of new models. One of the many areas they are applied to is web application security. Web applications are still one of the biggest information and business security threats. Requests sent to a web application are divided into normal and malicious ones. Malicious requests contain a payload that exploits a discovered vulnerability. Detection of web attacks can be reduced to a natural language processing classification problem. Lately, pre-trained models based on Transformer neural networks have shown promising results in the detection of web attacks. In model development, the data-preparation preprocessing step is crucial. After preparing good datasets and applying powerful models, it is very important to evaluate and compare the performance of the algorithms. The goal of this paper is to conduct an overview of the deep learning methods used for web attack detection. The research is conducted by querying scientific databases, analyzing relevant articles within the security scope and summarizing the proposed state-of-the-art approaches. Open problems will also be emphasized, as well as challenges and possible new opportunities for future research.
I. Tomicic (Fakultet organizacije i informatike Varaždin, Varaždin, Croatia) Social Engineering Aspects of Email Phishing: An Overview and Taxonomy
Numerous online resources and reports point to the growing effectiveness of email phishing techniques, with some of them indicating, for example, that 85% of IT breaches involved the human element and that 96% of social attacks arrive via email. Phishing is a common occurrence, and a significantly successful one. While most of the available research on phishing involves phishing detection, prevention, filtering, anti-phishing tools, techniques and countermeasures, and the remaining body of research tackles phishing and social engineering in (too) generic and broad contexts, this paper proposes a focused effort to identify the specific groups of techniques that attackers use in email phishing, and the principles that run "behind the scenes" and make these attacks successful. Thus, the goal of this paper is threefold: (1) to propose a taxonomy of the observed email phishing techniques, (2) to associate the principles and factors of influence with the observed techniques and shed light on their effectiveness, and (3) to raise awareness and lay the groundwork for a model of human resilience against these manipulative forms of cyber attacks.
R. Carlsson, T. Heino, S. Rauti (University of Turku, Turku, Finland) Data Leaks to Third Parties in Web Services for Vulnerable Groups
Third-party analytics services are increasingly used to improve the sales and usability of websites. While these services often have great value for the companies and organizations using them, they also raise privacy issues. When information is gathered using third-party analytics, third parties also receive a lot of personal data about users. This is especially true for many vulnerable groups who may be forced to use online services instead of on-site services, such as the elderly, people with medical issues, or people living in remote locations. We conduct a comprehensive study of 15 Finnish web services often used by vulnerable groups by analyzing their network traffic. Our findings show that most of these services use third-party analytics and, despite their delicate nature, send highly sensitive personal data to third parties. The study also discusses the implications of the data leakages found and offers some recommendations on how to improve the privacy of online services from a software engineering point of view.
R. Carlsson (University of Turku, Turku, Finland), S. Laato (Tampere University, Tampere, Finland), T. Heino, V. Leppänen, S. Rauti (University of Turku, Turku, Finland) Privacy in Popular Children's Mobile Applications: A Network Traffic Analysis
Children increasingly download and use mobile applications from marketplaces such as Apple's App Store or Google Play Store. One would expect that applications intended for children are free of third-party analytics, or at least make sure that parents give their consent for collecting personal data from children. In this study, we performed an in-depth technical analysis of a representative snapshot (n=15) of applications from Google Play Store aimed at children (age group classifications 0-5, 6-8 and 9-12). We recorded the network traffic of these applications and compared it to the privacy policies of the applications. Across the applications, we noticed that a significant number (13/15) were delivering more information about the users to various third parties than they admitted in their privacy policies. We elaborate on the implications of our findings for user privacy and discuss strategies for preserving privacy, particularly for sensitive audiences such as children.
D. Pranić (Atlantic Grupa d.d., Zagreb, Croatia) Analysis of DMARC Implementation in Republic of Croatia
Many security reports and analyses continuously emphasize the email service as the cause or starting point of numerous security incidents. The insecurity of the email service results in a steady increase in financial fraud caused by compromised user accounts. The use of more advanced authentication protocols such as DMARC significantly reduces the risk of these threats. The DMARC protocol and its role in improving email service authentication will be explained in detail. The numerous advantages of the DMARC protocol and its implementation challenges will be highlighted. The extent to which DMARC is applied in the Republic of Croatia will be shown by an analysis of DMARC implementation at the most important companies by total income and at relevant public-sector entities. The analysis will show how focused private companies and the public sector are on the security of the email service and will give insight into the complexity of DMARC.
Papers
A. Kerr, T. Hynninen (South-Eastern Finland University of Applied Sciences, Mikkeli, Finland) Towards Improving Online Security Awareness Skills with Phishing and Spoofing Labs
It can be especially hard for novices to examine their online browsing habits, or to be aware of the dangers related to online security. In this paper, we describe laboratory exercises designed to improve awareness of online security, in addition to teaching cybersecurity knowledge and skills. The exercises were used as a part of an information security fundamentals course for IT students with no or only novice experience in the field. These lessons are suitable both for delivery in the classroom and online in a virtual laboratory environment. The exercises were developed using the design science research (DSR) methodology. Following DSR principles, the developed material was evaluated by extracting observations from student reports. The thematic analysis method was used to process the data. The evaluation of the student learning reports revealed that the labs and the course were successful in the following ways: improving security knowledge, improving critical thinking skills, and improving security awareness. Additionally, the material was perceived as useful for future working life.
T. Selker, J. Pelletier (Rochester Institute of Technology, Rochester, United States) Secure, Accessible, Virtual Voting Infrastructure (SAVVI): Reducing Barriers for Disabled and Overseas Voters
We describe a way to deploy a secured ballot return for overseas, vision-impaired, or dexterity-impaired voters. SAVVI is a secure, accessible, virtual voting infrastructure. It uses multiple communication channels with synchronized multi-factor authentication, encryption, and hashing to preserve privacy, confidentiality, and vote integrity. Our usability goal is to give voters easy access to a hardened system that will present secure instances of their familiar browser and email clients. A key to its viability is synchronizing authentication through two low-tech verifications such as phone calls. This strives to enhance security and usability for remote voting by mimicking best practices for in-person polling place procedures. Other more standard cryptographic measures include layered encryption and dynamically provisioning a secure virtual container, a virtual voting machine (VVM), to process each ballot. In aggregate, the design of SAVVI seeks to allow remote voting while reducing difficulty for the voter, programming complexity for the election administrator, and material procurement for the voting authority.
V. Pagon, B. Skendrović, I. Kovačević (Fakultet elektrotehnike i računarstva, Zagreb, Croatia) JavaScript Library Version Detection
There are more than 1.6 billion websites today, and almost every one of them uses JavaScript libraries. Knowing that, it is very important to show the problems that occur as a result of not paying enough attention to security, such as using outdated versions of JavaScript libraries, insecure libraries, and so on. This paper describes an algorithm created for JavaScript library version detection. The algorithm detects the version of an unknown JavaScript library based on the differences between neighboring library versions. It is designed so that it can be run periodically and automatically on the server. The paper also presents the results and efficiency of the algorithm on a smaller set of data collected from the Croatian web space. The success of the algorithm in detecting the correct version is about 50%, and the range of probable versions accounts for an additional 25%. From these results, i.e. the detected versions, it is evident that the JavaScript libraries used on the websites of the Croatian web space are not regularly updated. Limitations and possible improvements of the algorithm are listed at the end of the paper.
S. Lončarević, I. Kovačević, S. Groš (Fakultet elektrotehnike i računarstva, Zagreb, Croatia) Detecting JavaScript Libraries Using Identifiers and Hashes
The web is a widespread platform for data exchange and service delivery on which many depend. Due to the high demand for website creation, methods are offered that provide more time-efficient design and programming. One of them comes down to using JavaScript libraries, which can introduce vulnerabilities into web applications. Due to the sheer number of websites, as well as libraries and their vulnerabilities, it is difficult to maintain security. There is a need to create tools that will automatically and proactively search for vulnerable libraries and enable timely remediation. Therefore, this paper deals with the given problem and provides insight into the implemented solution. The paper describes how JavaScript libraries are obtained and used, and multiple methods for detecting them. The technical side of the implementation is presented, as well as the results obtained by detecting libraries on a set of web pages from the Croatian web space. The usage distribution of popular libraries and their vulnerabilities is also shown. The limitations observed during the implementation are commented on, as well as their potential solutions, with the aim of improving the project.
T. Dujmović, B. Skendrović, S. Groš (Fakultet elektrotehnike i računarstva, Zagreb, Croatia) Detection and Analysis of Obfuscated and Minified JavaScript in Croatian Web Space
JavaScript libraries allow for faster and easier programming of web content. Obfuscation is used to conceal know-how secrets and malicious code. Obfuscation is a deliberate act of reshaping something to make it harder to understand. Commonly used obfuscators provide many methods that produce different obfuscated versions of the same source code. Minification uses techniques similar to obfuscation, but unlike obfuscation, minification reduces the size of the code, which speeds it up and is its primary purpose. This paper provides an overview of obfuscation and minification and the methods used in each.
The developed software tool uses regex, entropy and word size to detect and distinguish minified and obfuscated JavaScript libraries. The result of running the software tool on a database of pages in the Croatian web space is presented. The results show a high presence of minified and a small number of obfuscated JavaScript libraries. This automated detection has proven to be faster and in some cases more accurate than manual detection of obfuscation and minification. Observed problems with the tool implementation are commented on and potential improvements are discussed at the end of the paper.
D. Lawal, D. Gresty, D. Gan (University of Greenwich, London, United Kingdom) Forensic Implication of a Cyber-Enabled Fraud Taking Advantage of an Offline Adversary-in-the-Middle (AiTM) Attack
Many computer users utilise the High-Definition Multimedia Interface (HDMI) for connecting external displays, as this interface is common on modern computers. This work investigates the feasibility of performing an offline adversary-in-the-middle attack with a portable programmable device such as the Screen Crab, which leverages the HDMI interface to covertly capture information being sent to the external display. This work also addresses the possibility of such attacks being carried out as part of the reconnaissance phase of a wider attack, or as a standalone attack for data exfiltration, data theft, or espionage. Operational observations of the Screen Crab while it was exfiltrating data include its storage and processing efficiency. In addition, there were no indicators on the external display (e.g., quality drop, lag/latency) to suggest to the target user that any form of tampering had been done to their machine. This paper also shows how it might be difficult for forensic analysts to detect the use of this device, which poses a risk of the target user (victim) being falsely accused, or wrongly prosecuted, for divulging sensitive or classified information in this kind of situation.
I. Spoljaric, D. Delija, G. Sirovatka (Zagreb University of Applied Sciences, Zagreb, Croatia) The Forensic Significance of Indexing Applications on the Windows Operating System
During the forensic analysis of the Windows operating system and the search for suspicious files, applications or operating system artifacts, the process of recovering deleted data is very often carried out. Considering the increasing prevalence of fast solid-state drives (SSDs) with SATA or NVMe interfaces in personal computers, and taking into account SSD properties such as wear leveling and garbage collection, it is significantly more difficult to recover deleted data, as well as to prove the startup and presence of suspicious files on the attacker's or victim's computer. This article analyzes the Windows Search feature of the Windows operating system, with its associated Windows.edb file, as well as third-party file indexing applications, to find records of suspicious files, metadata, applications and their activities relevant to forensic analysis.
M. Knezovic, D. Delija, M. Zagar, G. Sirovatka, D. Možnik (Zagreb University of Applied Sciences, Zagreb, Croatia) Implementation of Biometric Verification of a Fingerprint Whose Image is Taken from a Glass Surface
Biometric systems often use the comparison of fingerprint characteristics for authentication and identification of persons, especially in mobile devices. This paper presents the procedures, devices, tools and algorithms that, with the use of non-forensic specialized devices, successfully capture a fingerprint from a curved glass surface using a mobile phone's digital camera and create a 3D model of the fingerprint that successfully unlocks a Samsung Android mobile device.
Basic information:
Chairs:
Stjepan Groš (Croatia), Tonimir Kišasondi (Croatia)
Registration / Fees:
REGISTRATION / FEES
PRICE IN EUR
                                                                                  Until 8.5.2023.   From 9.5.2023.
MIPRO and IEEE members                                                            230               260
Students (undergraduate and graduate) and primary and secondary school teachers   120               140
Others                                                                            250               280
The discount does not apply to doctoral students.
Contact:
Stjepan Groš
Fakultet elektrotehnike i računarstva
Unska 3
10000 Zagreb, Croatia
E-mail: stjepan.gros@fer.hr
The best papers will be awarded.
Accepted papers will be published in the conference proceedings with an ISSN number. Papers presented in English will be submitted for inclusion in the IEEE Xplore digital library.
Selected scientific papers may, with certain revisions, be published in the following journals: Journal of Computing and Information Technology (CIT), MDPI Applied Science, MDPI Information Journal, Frontiers and EAI Endorsed Transaction on Scalable Information Systems.
Venue:
Opatija is the leading resort on the eastern side of the Adriatic and one of the best known on the Mediterranean. This city of aristocratic architecture and style has for more than 170 years attracted world-famous artists, politicians, kings, scientists and athletes, as well as business people, bankers, managers and everyone to whom Opatija offers its numerous facilities.
Opatija offers its guests numerous comfortable hotels, excellent restaurants, entertainment, art festivals, top-class concerts of classical and popular music, well-kept beaches and numerous swimming pools, and everything needed for a pleasant stay for guests of different tastes.
In more recent times Opatija has become one of the best-known congress cities on the Mediterranean, particularly recognizable for the MIPRO international ICT conferences that have been held there since 1979 and regularly gather over a thousand participants from some forty countries. These conferences promote Opatija as an indispensable technological, business, educational and scientific centre of South-East Europe and the European Union in general.
More detailed information is available at www.opatija.hr and www.visitopatija.com.