Dear all,
I would like to inform you that the following SPARTA paper has been published:
Damaševičius, Robertas; Venčkauskas, Algimantas; Toldinas, Jevgenijus; Grigaliūnas, Šarūnas. 2021. "Ensemble-Based Classification Using Neural Networks and Machine Learning Models for Windows PE Malware Detection" Electronics 10, no. 4: 485. https://doi.org/10.3390/electronics10040485 https://www.mdpi.com/2079-9292/10/4/485
All the best,
Algimantas Venčkauskas
______________________________________________________
Abstract
The security of information is among the greatest challenges facing organizations and institutions. Cybercrime has risen in frequency and magnitude in recent years, with new ways to steal, change and destroy information or disable information systems appearing every day. Among the types of penetration into the information systems where confidential information is processed is malware. An attacker injects malware into a computer system, after which he has full or partial access to critical information in the information system. This paper proposes an ensemble classification-based methodology for malware detection. The first-stage classification is performed by a stacked ensemble of dense (fully connected) and convolutional neural networks (CNN), while the final stage classification is performed by a meta-learner. For a meta-learner, we explore and compare 14 classifiers. For a baseline comparison, 13 machine learning methods are used: K-Nearest Neighbors, Linear Support Vector Machine (SVM), Radial basis function (RBF) SVM, Random Forest, AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net, Passive Classifier, Ridge Classifier and Stochastic Gradient Descent classifier. We present the results of experiments performed on the Classification of Malware with PE headers (ClaMP) dataset. The best performance is achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.
Dear all,
We have submitted the paper "Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process" to the 24th International Conference ELECTRONICS 2020.
Abstract: Visual Analytics uses data visualization methods for enabling compelling analysis of data by engaging graphical and visual representation. In the domain of cybersecurity, convincing visual representation of data enables to ascertain valuable observations that allow the domain experts to construct efficient cyberattack mitigation strategies and provide useful decision support. In this paper, we present a survey of the visual analytics tools and methods in the domain of cybersecurity. We explore and discuss Technical Threat Intelligence visualization tools using the Five Question Method. We conclude the analysis of the works using Moody’s Physics of Notations, and VIS4ML ontology as a methodological background of visual analytics process.
This paper is still under evaluation.
If it gets accepted, we will acknowledge SPARTA.
Best,
Algimantas Venčkauskas
Kauno technologijos universitetas
Hello,
I would like to report that we have submitted two papers. Details of the papers are below. If accepted, we will acknowledge SPARTA.
Best greetings,
Raimundas
—————————
Title: Information Security Analysis in the Passenger-Autonomous Vehicle Interaction
Authors: Mariia Bakhtina, Raimundas Matulevičius
Venue: International Workshop on Security and Privacy in Intelligent Infrastructures (SP2I 2021) co-organised at ARES 2021.
Abstract: Autonomous vehicles (AV) are becoming a part of humans' everyday life. There are numerous pilot projects of driverless public buses; some car manufacturers deliver their premium-level automobiles with advanced self-driving features. Thus, assuring the security of a Passenger–Autonomous Vehicle interaction arises as an important research topic, as along with opportunities, new cybersecurity risks and challenges occur that potentially may threaten Passenger's privacy and safety on the roads. This study proposes an approach of the security requirements elicitation based on the developed threat model. Thus, information security risk management helps to fulfil one of the principles needed to protect data privacy - information security. We demonstrate the process of security requirements elicitation to mitigate arising security risks. The findings of the thesis are case-oriented and are based on the literature review. They are applicable for AV system implementation used by ride-hailing service providers that enable supervisory AV control.
—————————
Title: Risk-Oriented Design Approach For Forensic-Ready Software Systems
Authors: Lukas Daubner, Raimundas Matulevičius
Venue: the 14th International Workshop on Digital Forensics (WSDF 2021) co-organised at ARES 2021.
Abstract: Digital forensic investigation is a complex and time-consuming activity in response to a cybersecurity incident or cybercrime to answer questions related to it. These typically are what happened, when, where, how, and who is responsible. However, answering them is often very laborious and sometimes outright impossible due to a lack of useable data. The forensic-ready software systems are designed to produce valuable on-point data for use in the investigation with potentially high evidence value. Still, the particular ways to develop these systems are currently not explored.
This paper proposes consideration of forensic readiness within security risk management to refine specific requirements on forensic-ready software systems. The idea is to re-evaluate the taken security risk decisions with the aim to provide trustable data when the security measures fail. Additionally, it also considers possible disputes, which the digital evidence can solve. Our proposed approach, risk-oriented forensic-ready design, is composed of two parts: (1) process guiding the identification of the requirements in the form of potential evidence sources, and (2) supporting BPMN notation capturing the potential evidence sources and their relationship. Together they are aimed to provide a high-level overview of the forensic-ready requirements within the system. Finally, the approach is demonstrated on an automated valet parking scenario, followed by a discussion regarding its impact and usefulness within the forensic readiness effort.
Dear all,
I would like to share information about a recent publication by fortiss. Our paper has been accepted for publication at SSIV+'2021 (Safety and Security of Intelligent Vehicles), a workshop at DSN 2021. It acknowledges the SPARTA project.
Title:
CyberGSN: A Semi-formal Language for Specifying Safety Cases
Authors:
Tewodros A. Beyene (fortiss, Germany) and Carmen Carlan (fortiss, Germany)
Abstract:
The use of safety cases to explicitly present safety argumentation considerations and decisions is a common practice in the safety-critical domain. A safety case can be used to scrutinize the safety assessment approach used by practitioners internally, or as an input for the certification process for an external certifying authority. However, safety cases are still created manually using notations such as the Goal Structuring Notation (GSN) to explicate the followed safety assessment and assurance measures. In addition, although safety cases may be created in a modular way by multiple entities, and it may be critical for each entity to digitally sign its part of the assurance for accountability, the common notations such as GSN are not expressive enough to include the notion of entity. Especially in cyber-security applications, the notion of entity is very critical. In this paper, we propose a formal logic based language called CyberGSN, with an explicit notion of entity, that can be used for specifying safety cases and safety case patterns, enabling the automated creation and maintenance of safety cases.
Best,
Ulrich
fortiss GmbH
Research Institute of the Free State of Bavaria
for software-intensive systems
Affiliated institute of Technische Universität München
Guerickestraße 25, 80805 München, Germany
T: +49 (89) 3603522 166
F: +49 (89) 3603522 50
schoepp(a)fortiss.org
https://www.fortiss.org/
Munich District Court (Amtsgericht München): HRB: 176633
VAT ID No.: DE263907002, Tax No.: 143/237/25900
Legal form: non-profit GmbH (gemeinnützige GmbH)
Registered office: München
Managing Directors: Dr. Harald Rueß, Thomas Vallon
Chairman of the Supervisory Board: Dr. Manfred Wolter
Dear All,
We plan to acknowledge SPARTA in the following papers under consideration.
1.
Title: The proposition of balanced and explainable surrogate method for network intrusion detection in streamed real difficult data
By: Szczepanski, Komisarek, Pawlicki, Kozik, Choras.
Venue: ICCCI 2021 conference (core B)
2.
Title: Has the pandemic made us more digitally literate? Innovative association rule mining study of the relationships between shifts in digital skills and cybersecurity awareness occurring whilst working remotely during the COVID-19 pandemic
By: A. Pawlicka, R. Tomaszewska, E. Krause, D. Jaroszewska-Choras, M. Pawlicki, M. Choras
Venue: JAIHC journal, Springer
3.
Title: Neural Networks for (Cyber-)Security and (Cyber-)Security of Neural Networks: The challenges to implementation and how to rise to them
By: Choras, Pawlicki
Venue: ASOC journal, Elsevier
4.
Title: The double-edged sword of AI
By: Choras, Wozniak
Venue: IT Professional journal, IEEE
If accepted, we plan to acknowledge SPARTA.
Kind Regards,
Prof. Michal Choras