وبلاگ بلیان

Information and Communications Security: 24th International Conference, ICICS 2022, Canterbury, UK, September 5–8, 2022, Proceedings (Lecture Notes in Computer Science Book 13407)

معرفی کتاب «Information and Communications Security: 24th International Conference, ICICS 2022, Canterbury, UK, September 5–8, 2022, Proceedings (Lecture Notes in Computer Science Book 13407)» نوشتهٔ Cristina Alcaraz (editor), Liqun Chen (editor), Shujun Li (editor), Pierangela Samarati (editor)، منتشرشده توسط نشر Springer International Publishing Springer در سال 1340. این کتاب در فرمت pdf، زبان انگلیسی ارائه شده است.

This LNCS 13407 constitutes the refereed proceedings of the 24 th International Conference on Information and Communications Security, ICICS 2022, held in Canterbury, UK,, in September 2022. The 34 revised full papers presented in the book were carefully selected from 150 submissions The papers are organized around the following topics: Cryptography, Authentication, Privacy and Anonymity, Attacks and Vulnerability Analysis, Artificial Intelligence for Detection, and Network Security and Forensics. Preface Organization Contents Cryptography BS: Blockwise Sieve Algorithm for Finding Short Vectors from Sublattices 1 Introduction 1.1 Related Work 1.2 Our Contribution 1.3 Organization of the Paper 2 Preliminaries 2.1 Lattice 2.2 Lattice Reduction Algorithms 2.3 Learning with Errors 3 Block Sieve Algorithm 3.1 Basic Block Sieve Algorithm 3.2 Progressive Block Sieve Algorithm 4 Analysis of BS and PBS 4.1 Complexity Analysis 4.2 Performance on Challenge Lattices 4.3 Performance of PBS on LWE Instances 5 Conclusion References Calibrating Learning Parity with Noise Authentication for Low-Resource Devices 1 Introduction 2 Preliminaries 2.1 Notation 2.2 LPN Basics 2.3 Assumptions 3 Exploring Precision 3.1 Statistical Bounds 3.2 Computational Simulations 3.3 Summary of Precision Results 4 Exploring Key Lengths 4.1 Key Length Recommendation 4.2 Effectiveness of Known Attacks 4.3 Effectiveness of Guessing 4.4 Effectiveness of Incomplete Attacks 4.5 Cryptanalytic Progress 4.6 Summary of Key Length Results 5 Conclusion A Algorithm Pseudocode References New Results of Breaking the CLS Scheme from ACM-CCS 2014 1 Introduction 2 Preliminaries 2.1 Notation 2.2 co-ACD Problem 2.3 CLS Additive Homomorphic Encryption Scheme 2.4 Lattice 2.5 Coppersmith's Method 3 Strategy for Solving Search co-ACD Problem 3.1 Solution for N=p1@汥瑀瑯步渠pn 3.2 Experimental Results 4 Ciphertext-Only Attack 4.1 Solution for N=p1p2 4.2 Experimental Results 5 Conclusion A Calculation of wN and wX References A Note on the Security Framework of Two-key DbHtS MACs 1 Introduction 2 Preliminaries 3 BBB-Security Framework in ch4ShenWGW21 4 Counter-Examples 4.1 Counter-Example 1 4.2 Counter-Example 2 4.3 Counter-Example 3 5 The Flaw of the Proof of Theorem 1 in ch4ShenWGW21 6 Conclusion References Maliciously Secure Multi-party PSI with Lower Bandwidth and Faster Computation 1 Introduction 1.1 Our Contributions 2 Preliminaries 2.1 Notation 2.2 Security Model and Functionalities 2.3 Oblivious Key-Value Stores 3 Technical Overview 3.1 Overview of the Best-Known Multi-party PSI Protocol 3.2 Our Approach to Improve Computation Efficiency 3.3 Our Approach to Reduce Communication Bandwidth 4 Maliciously Secure Multi-party PSI Protocol 4.1 Sub-protocols for Sending and Aggregating Messages 4.2 Our PSI Protocol with Efficient Bandwidth and Computation 4.3 Proof of Security 5 An Attack Against Multi-output Extension of PSI A OKVS Overfitting References Conditional Cube Attacks on Full Members of KNOT-AEAD Family 1 Introduction 2 Preliminaries 2.1 Algebraic Degree Evaluation by Division Property 2.2 Conditional Cube Attack 2.3 KNOT-AEAD Family 3 A Framework of Conditional Cube Attacks for KNOT-AEAD 4 Conditional Cube Attacks on Full Members of KNOT-AEAD Family 4.1 Modeling the Division Property Propagation of Conditional S-boxes 4.2 Key-Recovery Attack on KNOT-AEAD (128, 256, 64) 4.3 Key-recovery Attacks on KNOT-AEAD (128, 384, 192) 5 Conclusion A Division Trails and Linear Descriptions of the KNOT S-box B Some Tables about Estimated Algebraic Degrees References Fast Fourier Orthogonalization over NTRU Lattices 1 Introduction 1.1 Our Contributions 1.2 Related Works 2 Preliminaries 2.1 Notations 2.2 Polynomial Rings and Fields 2.3 The Field Norm 2.4 The GSO and LDL Decomposition 2.5 The Fast Fourier Orthogonalization and LDL Tree 2.6 NTRU Lattices 2.7 Discrete Gaussians 3 Fast Fourier Orthogonalization over NTRU Lattices 3.1 The Cyclotomic Field Q[x]/(xn+1) 3.2 The Cyclotomic Field Q[x]/(xn-xn/2+1) 4 Application to FALCON 4.1 Intel i7-4790 4.2 ARM Cortex M4 5 Conclusion A Proof of Theorem 2 References Secure Sketch and Fuzzy Extractor with Imperfect Randomness: An Information-Theoretic Study 1 Introduction 1.1 Our Contributions 1.2 Related Work 1.3 Paper Organization 2 Preliminaries 2.1 Secure Sketch 2.2 Fuzzy Extractor 2.3 Randomness Extractor 3 Security Analysis of Existing Sketch Sketches with Imperfect Randomness 3.1 Code Offset-Based Construction 3.2 Permutation-Based Secure Sketch 3.3 Fuzzy Vault-Based Secure Sketch 4 Security Analysis of Existing Fuzzy Extractors with Imperfect Randomness 5 Further Discussions on Fuzzy Extractors with Imperfect Randomness Based on Two-source Extractor 5.1 Fuzzy Extractor Based on Length-Consistent Secure Sketch and Two-Source Extractor 5.2 Fuzzy Extractor Based on Length-Inconsistent Secure Sketch and Two-Source Extractor 6 Conclusion A Appendix A.1 Proof of Theorem 1 A.2 Proof of Lemma 5 References Tight Analysis of Decryption Failure Probability of Kyber in Reality 1 Introduction 2 Preliminaries 2.1 Kyber 2.2 Distributions on R 3 Analysis of Decryption Failure Probability 3.1 Decryption Failures 3.2 Formula Derivation 3.3 The Deviation Between the Theoretical Failure Probability and the Actual Failure Probability 4 Experiment and Sample Test References Authentication Improving Deep Learning Based Password Guessing Models Using Pre-processing 1 Introduction 1.1 Related Work 1.2 Our Contributions 2 Background 2.1 LSTM Based Models 2.2 PassGAN 3 Preliminaries 3.1 Datasets 3.2 Ethical Considerations 4 Preprocessing Methods 4.1 Important Abbreviations 4.2 Character Feature Based Encoding Method 4.3 Refined PCFG 4.4 PassGAN Using PCFG for Preprocessing 4.5 Chunk+PCFG Preprocessing Method 5 Experiments 5.1 Attacking Strategies Design 5.2 Evaluation Results 6 Conclusion 1 Some Statistics About User-Chosen Passwords 2 Exploratory Experiments References Exploring Phone-Based Authentication Vulnerabilities in Single Sign-On Systems 1 Introduction 2 Background and Related Work 3 Understanding PBA Goals, Options, and Impacts 3.1 Threat Model and Experiment Setup 3.2 Impact of Malicious Relying Party Sites 3.3 Timing Attacks on Unassociated PBA Approvals 3.4 Observable Characteristics of the Attack Scenarios 4 User Study and Findings 4.1 IRB Process and Participant Recruiting 4.2 Experimental Setup 4.3 Participant Responses to the Malicious Relying Party Scenario 4.4 Participant Responses to Timing Attack Scenario 4.5 Participant Feedback and Study Limitations 4.6 Potential Mitigations for Deployment 5 Concluding Remarks References FRACTAL: Single-Channel Multi-factor Transaction Authentication Through a Compromised Terminal 1 Introduction 2 Scenario and Adversary Model 2.1 Scenario 2.2 Adversarial Model 3 Protocol Description 3.1 Basic Protocol Flow 3.2 Scenario #1 3.3 Scenario #2 4 Security Considerations 4.1 Security Features 4.2 Formal Security Analysis via ProVerif 5 Implementation and Performance Assessment 5.1 Implementation Details 5.2 Experimental Performance Assessment 6 Related Work and Qualitative Comparison 7 Conclusion References Privacy and Anonymity Lightweight and Practical Privacy-Preserving Image Masking in Smart Community 1 Introduction 2 Related Work 3 Preliminaries 3.1 Yolo v5 Object Detection Algorithm 3.2 ChaCha20-Poly1305 Stream Encryption Algorithm 3.3 Bilinear Map 3.4 Proxy Re-encryption 4 Our Proposed Scheme 4.1 Preparation and Image Pre-processing Phase 4.2 Membrane Generation and Image Masking Phase 4.3 Proxy Re-encryption Phase 4.4 Image Recovery Phase 5 Evaluation and Results 5.1 Evaluation Setup 5.2 Findings and Results 5.3 Efficiency Analysis 5.4 Security Analysis 6 Conclusions References Using Blockchains for Censorship-Resistant Bootstrapping in Anonymity Networks 1 Introduction 2 Background 2.1 Tor Network 2.2 Blockchain Network 2.3 Public Key Encryption 2.4 Elliptic Curve Diffie-Hellman 3 Overview 3.1 System Model 3.2 Threat Model 3.3 Design Goals 4 Antiblok Details 4.1 Client Request 4.2 BridgeDB Response 4.3 Circuit Creation 5 Security 6 Evaluation 6.1 Experimental Setup 6.2 Functionality Evaluation 7 Discussion 8 Conclusion References Repetitive, Oblivious, and Unlinkable SkNN Over Encrypted-and-Updated Data on Cloud 1 Introduction 1.1 Background 1.2 Motivations 1.3 Possible Solutions and Technical Challenges 1.4 Paper Organization 2 Related Work 2.1 SkNN 2.2 Privacy-Preserving Range Querying 3 Problem Formulation 3.1 System Model 3.2 Threat Model 3.3 Design Objectives 4 The Proposed Space Encoding 5 The Proposed Scheme ROU 5.1 Overview 5.2 Index Building 5.3 Token Generation 5.4 Query Processing 5.5 Result Verification 6 Privacy Analysis 6.1 Data/Index/Token Privacy 6.2 Obliviousness 6.3 Unlinkability 6.4 Exclusiveness 7 Performance Analysis 7.1 Experiment Settings 7.2 Index Building 7.3 Token Generation 7.4 Query Processing 7.5 Result Verification 7.6 Comparison 8 Conclusions References Privacy-Aware Split Learning Based Energy Theft Detection for Smart Grids 1 Introduction 1.1 Related Work and Motivation 1.2 Our Contribution 2 Preliminaries 2.1 Anomaly Detection Using Auto-encoders 2.2 Privacy Preserving Machine Learning and Split Learning 3 System Model and Threat Model 3.1 System Model 3.2 Threat Model 4 Proposed Theft Detection Model 4.1 Three-Tier Split Learning 4.2 Energy Theft Detection Approach 5 Experimental Setup 6 Results and Discussion 6.1 Detection of Energy Thefts Attacks 6.2 Resilience Against Poisoning Attacks 6.3 Privacy Analysis via Feature Leakage Attack 6.4 Communication Analysis 6.5 Summary of Comparison 7 Conclusion References Attacks and Vulnerability Analysis Query-Efficient Black-Box Adversarial Attack with Random Pattern Noises 1 Introduction 1.1 Backgrounds 1.2 Our Contribution 2 Related Work 2.1 Transfer-Based Black-Box Attacks 2.2 Score-Based Black-Box Attacks 2.3 Defense Methods 2.4 Differences Among Other Black-Box Methods and Our Method 3 Our Methods 3.1 Optimization Framework 3.2 Algorithm 4 Experiments 4.1 Experiments on Naturally Trained Models 4.2 Experiments on Adversarially Trained Models 4.3 Experiments on Input-Transformation-Based Defenses 4.4 Ablation Study 5 Conclusion References Autoencoder Assist: An Efficient Profiling Attack on High-Dimensional Datasets 1 Introduction 2 Primitives and Components 2.1 Raw ASCAD Dataset 2.2 Dimension Reduction Techniques in SCA 2.3 Neural Networks 3 Model Design 3.1 Model Overview 3.2 UAE Structure 3.3 MLP Structure 4 Experimental Results 4.1 Experimental Configurations 4.2 SNR Parameter 4.3 Grid Search on UAE Hyperparameters 4.4 Grid Search on MLP Hyperparameters 5 Concluding Remarks References TZ-IMA: Supporting Integrity Measurement for Applications with ARM TrustZone 1 Introduction 2 Background 2.1 IMA 2.2 Overview of TrustZone 3 System Design 3.1 Threat Model and Assumptions 3.2 TZ-IMA Framework 4 Local Appraisal Mechanism 4.1 Reference Value Protection 4.2 Application Integrity Verification 4.3 Reference Value Generation and Update 5 Remote Attestation Mechanism 5.1 vPCR Module 5.2 Encrypted Measurement List 5.3 Application Scenario 6 Evaluation 6.1 Boot Time 6.2 UnixBench 6.3 LMbench 7 Security Analysis 7.1 Local Appraisal 7.2 Remote Attestation 7.3 Security Limitations 8 Related Work 9 Conclusion References FuzzBoost: Reinforcement Compiler Fuzzing 1 Introduction 2 Overview 2.1 State 2.2 Action 2.3 Environment 2.4 Reward 3 Designed Framework 3.1 Initialization 3.2 State Extraction 3.3 Deep Q-Network 3.4 Termination 4 Experiments 4.1 Fuzzing Efficacy 4.2 Boosting with Pre-training 4.3 Mutation Example 5 Discussion 6 Related Work 7 Conclusion References Secure Boolean Masking of Gimli 1 Introduction 1.1 Our Contributions 2 Preliminaries 2.1 GIMLI 2.2 Threshold Implementation 2.3 The ARM Cortex-M Processors 3 Side-Channel Countermeasures 3.1 2-Share with ChaCha-8 Randomness 3.2 2-Share with Optimal Masking 3.3 3-Share Threshold Implementation 4 Implementation Details 4.1 Optimization on Original Gimli 4.2 Implementation Details of Masked Gimli 5 Experiments and Results 5.1 Comparison of the Implementations 5.2 Leakage Detection of Side-Channel Analysis 6 Conclusion References DeepC2: AI-Powered Covert Command and Control on OSNs 1 Introduction 2 Background and Related Work 2.1 Command and Control on OSNs 2.2 Easy Data Augmentation 2.3 AI-Powered Attacks 3 Methodology 3.1 Threat Model 3.2 Approach Overview 3.3 Dynamic Addressing 3.4 Command Embedding 4 Implementation 4.1 Siamese Neural Network 4.2 Experiments on Twitter 5 Evaluation 5.1 Tweets Generation 5.2 Hash Collision 5.3 Avatar Recognition 5.4 Crawling Tweets 5.5 Security Analysis 6 Possible Countermeasures 7 Conclusion A Easy Data Augmentation B Threshold for Distance C Enhancement References Artificial Intelligence for Detection ODDITY: An Ensemble Framework Leverages Contrastive Representation Learning for Superior Anomaly Detection 1 Introduction 1.1 Research Questions 1.2 Overview 2 Background 3 Related Work 4 Proposed Approach: ODDITY 4.1 Diverse Autoencoders 4.2 Gradient Boosting Ensembles of Diverse Autoencoder 5 Performance Evaluation 5.1 Benchmarking Datasets 5.2 Experiments 5.3 Results 6 Robustness Against Evasion Attacks 6.1 Threat Model 6.2 Attack Algorithms 6.3 Experimental Results 7 Discussion 8 Conclusion and Future Works A Experimental Datasets B Feature Importance map C ODDITY in Unsupervised setting References Deep Learning Based Webshell Detection Coping with Long Text and Lexical Ambiguity 1 Introduction 2 Challenges in Deep Learning Based Webshell Detection 2.1 Long Text Challenge 2.2 Lexical Ambiguity Challenge 2.3 Model Generalization Challenge 2.4 Our Contributions 3 Our Method 3.1 Method Overview 3.2 Text Selection Model 3.3 Token Embedding Model 3.4 Down-Stream Classifier 4 Experiment 4.1 Data Set and Data Split Type 4.2 Evaluation Criteria 4.3 Model Parameters and Experiment Setup 4.4 Evaluation Result Analysis 5 Conclusion Appendix References SimCGE: Simple Contrastive Learning of Graph Embeddings for Cross-Version Binary Code Similarity Detection 1 Introduction 2 Related Work 2.1 BCSD 2.2 BERT 2.3 Graph Neural Network 2.4 Contrastive Learning 3 Methods 3.1 Overall Structure 3.2 Semantic-Aware Modeling 3.3 Structural-Aware Modeling 3.4 Contrastive Framework: Simple Contrastive Learning of Graph Embeddings (SimCGE) 4 Experiment 4.1 Dataset 4.2 Evaluation Metrics 4.3 Compared Methods 4.4 Training 4.5 Results 5 Conclusion References FN2: Fake News DetectioN Based on Textual and Contextual Features 1 Introduction 2 Related Work 2.1 Fake News Detection Based on Textual Features 2.2 Fake News Detection Based on Contextual Features 3 Methodology 3.1 Textual Features Representation 3.2 Contextual Features Representation. 3.3 Multi-modal Concatenation 4 Experiments 4.1 Dataset 4.2 Experimental Settings 4.3 Competing Approaches 5 Results and Analysis 5.1 Fake News Detection Performance 6 Model Evaluation on FakeNewsNet 7 Conclusions and Future Work References Malware Detection with Limited Supervised Information via Contrastive Learning on API Call Sequences 1 Introduction 2 Related Work 2.1 Malware Detection 2.2 Graph Neural Network 2.3 Contrastive Learning 3 Problem Formulation 4 The Proposed Model: SCLMD 4.1 Structural View Encoder 4.2 Sequential View Encoder 4.3 Hybrid Positive Selection Strategy for Contrastive Learning 4.4 Loss 5 Experiments 5.1 Datasets 5.2 Baselines 5.3 Comparative Results 5.4 Ablation Study 5.5 Parameter Sensitivity 6 Conclusion A Implementation Details References Semi-supervised Context Discovery for Peer-Based Anomaly Detection in Multi-layer Networks 1 Introduction 2 Related Work 3 Method 3.1 Peer-Based Anomaly Detection 3.2 Anomaly Detection with Multi-layer Graph 3.3 Weight Optimization 4 Experiment 4.1 Experimental Settings 4.2 Performance on Synthetic Data and Ablation Study 4.3 Performance on Sensor Network Data 4.4 Performance on Intrusion Detection Data 5 Conclusion References Peekaboo: Hide and Seek with Malware Through Lightweight Multi-feature Based Lenient Hybrid Approach 1 Introduction 1.1 Problem Statement and Research Challenges 1.2 Approach Overview 1.3 Results Overview 1.4 Research Contributions 2 Related Work 2.1 Single Feature-Based Approaches 2.2 Multiple Feature-Based Approaches 3 Peekaboo: Our Proposed Approach 3.1 Lenient Hybrid Analysis 3.2 Extraction of API Calls and Opcodes 3.3 Partial Feature Integration 3.4 Few-shot Learning (FSL) for API Call Model 3.5 Achieving Real-Time Detection 4 Performance Evaluation 4.1 Datasets 4.2 Data Preparation 4.3 Experiments 4.4 Evaluation on Unseen Malware Classes 5 Results and Discussion 5.1 Analysis and Discussion 5.2 Comparison with Related Works 5.3 Evaluation on Unseen Malware Classes 6 Conclusion and Future Work A Background References TapTree: Process-Tree Based Host Behavior Modeling and Threat Detection Framework via Sequential Pattern Mining 1 Introduction 1.1 Analyzing the Problem 2 Overview 2.1 Assumption 3 System Design 3.1 Process-Tree Construction 3.2 Fusion of Host Behaviors 3.3 Behavioral Anomaly Detection 4 Experiment and Evaluation 4.1 Experiment Dataset 4.2 Evaluation 5 Related Work 6 Limitations 7 Conclusion References Network Security and Forensics Dependency-Based Link Prediction for Learning Microsegmentation Policy 1 Introduction 2 Previous Work 3 Approach 3.1 Overview 3.2 Node Similarities and Grouping 3.3 Link Induction 3.4 Model Selection and Tuning 4 Experimentation 4.1 Evaluating Models 4.2 Tuning Selected Model 4.3 Applying to Cybersecurity Operations 4.4 Considering Dataset Scale 5 Summary, Conclusions, and Future Work References Chuchotage: In-line Software Network Protocol Translation for (D)TLS 1 Introduction 2 Background 2.1 Threat Model 3 Related Work 3.1 Protocol Translation 3.2 TLS Interception 4 Chuchotage Protocol Translator 4.1 Architecture 4.2 Challenges 4.3 Operating Flow 5 Implementation 5.1 Implementation Choices 5.2 Testbed 6 Evaluation 6.1 Performance Evaluation 6.2 Security Evaluation 7 Conclusion A Appendix A.1 Common IoT Communication Protocols A.2 Open vSwitch Overview References Study on the Effect of Face Masks on Forensic Speaker Recognition 1 Introduction 1.1 Related Work 1.2 Threat Model 2 Method 2.1 Voice Recordings 2.2 Acoustic Features 2.3 Automatic Speaker Recognition Model 3 Results 3.1 ASR Results 3.2 Intensity Analysis 4 Conclusion References Video Forensics for Object Removal Based on Darknet3D 1 Introduction 1.1 Related Work 1.2 Contributions 2 Darknet53 3 Video Tampering Detection Model Based on Optimized Darknet53 3.1 Optimized Darknet53 Feature Extraction Network 3.2 Temporal-Domain Classifier and Spatial-Domain Locator 4 Experiments 4.1 Dataset 4.2 Experimental Settings 4.3 Experiment Results 5 Conclusion References Author Index
دانلود کتاب Information and Communications Security: 24th International Conference, ICICS 2022, Canterbury, UK, September 5–8, 2022, Proceedings (Lecture Notes in Computer Science Book 13407)