Dear All,
we submitted the paper "VulnEx: Exploring Open-Source Software
Vulnerabilities in Large Development Organizations to Understand Risk
Exposure" to the IEEE Symposium on Visualization for Cyber Security (at
IEEE VIS 2021). We request to acknowledge SPARTA if the paper is accepted.
* Abstract: "The prevalent usage of open-source software (OSS) has led
to an increased interest in resolving potential third-party security
risks by fixing common vulnerabilities and exposures (CVEs).
However, even with automated code analysis tools in place, security
analysts often lack the means to obtain an overview of vulnerable
OSS reuse in large software organizations. In this design study, we
propose VulnEx (Vulnerability Explorer), a tool to audit entire
software development organizations. We introduce three complementary
table-based representations to identify and assess vulnerability
exposures due to OSS, which we designed in collaboration with
security analysts. The presented tool allows examining problematic
projects and applications (repositories), third-party libraries, and
vulnerabilities across a software organization. We show the
applicability of our tool through a use case and preliminary expert
feedback."
Best Regards,
Eren Cakmak
--
Research Associate
Department of Computer and Information Science
Data Analysis and Visualization Group
78457 Konstanz, Germany
Website: http://infovis.uni.kn/~cakmak
Phone: +49 (0)7531 88 2507
Room: ZT1107
Dear all,
I would like to inform you that the following SPARTA paper has been published:
Damaševičius, Robertas; Venčkauskas, Algimantas; Toldinas, Jevgenijus; Grigaliūnas, Šarūnas. 2021. "Ensemble-Based Classification Using Neural Networks and Machine Learning Models for Windows PE Malware Detection" Electronics 10, no. 4: 485. https://doi.org/10.3390/electronics10040485 https://www.mdpi.com/2079-9292/10/4/485
All the best,
Algimantas Venčkauskas
______________________________________________________
Abstract
The security of information is among the greatest challenges facing organizations and institutions. Cybercrime has risen in frequency and magnitude in recent years, with new ways to steal, change and destroy information or disable information systems appearing every day. Among the types of penetration into the information systems where confidential information is processed is malware. An attacker injects malware into a computer system, after which he has full or partial access to critical information in the information system. This paper proposes an ensemble classification-based methodology for malware detection. The first-stage classification is performed by a stacked ensemble of dense (fully connected) and convolutional neural networks (CNN), while the final stage classification is performed by a meta-learner. For a meta-learner, we explore and compare 14 classifiers. For a baseline comparison, 13 machine learning methods are used: K-Nearest Neighbors, Linear Support Vector Machine (SVM), Radial basis function (RBF) SVM, Random Forest, AdaBoost, Decision Tree, ExtraTrees, Linear Discriminant Analysis, Logistic, Neural Net, Passive Classifier, Ridge Classifier and Stochastic Gradient Descent classifier. We present the results of experiments performed on the Classification of Malware with PE headers (ClaMP) dataset. The best performance is achieved by an ensemble of five dense and CNN neural networks, and the ExtraTrees classifier as a meta-learner.
Dear All,
As CINI (Italy) WP6.2 members, we are submitting a paper named "PROLEPSIS:
Binary Analysis and Instrumentation of IoT Software for Control-Flow
Integrity" to the IEEE International Conference on Electrical, Computer,
Communications and Mechatronic Engineering (ICECCME) 2021. Authors and
abstract of the paper are below. If accepted, we would like to have your
consent to acknowledge SPARTA.
Authors:
Valentina FORTE, Nicolò MAUNERO, Paolo PRINETTO, Gianluca ROASCIO
Abstract:
Nowadays, the growing pervasiveness of digital components and their
interconnection in the so-called Internet of Things, raises serious
questions regarding security and integrity not only of the data exchanged,
but also of the devices themselves and the software they run.
Code-Reuse Attacks (CRA) are one of the most powerful binary attack
paradigms, aiming to exploit memory vulnerabilities such as buffer
overflows to force the application to execute an unintended sequence of
instructions present in memory. To counter such a kind of attacks, ensuring
the program's control-flow integrity (CFI) appears to be the most promising
solution presented so far. A plethora of CFI implementations have been
offered in the literature and by vendors, based on control-flow monitors
located at the software level or even into hardware extensions. However,
many proposed solutions opt for coarse-grained checks, or insert
enforcement before all flow transfers. For software running on IoT
platforms, where resources are usually limited, protections can increase
the footprint in an unsustainable way.
This paper presents PROLEPSIS, an automated binary code analysis tool for
IoT applications written for ARM platforms. With an optimised search, the
tool is able to identify only those executable points (control-flow
instructions) that are really at risk of control-flow hijacking. Each
recognised insecure point is instrumented according to a custom technique
of choice, either based on a software or a hardware monitor, depending on
the specific application needs.
All the best,
Gianluca Roascio
--
*Gianluca ROASCIO*
*CINI* - Laboratorio Nazionale Cybersecurity
Sede di Torino c/o LINKS - Leading Innovation & Knowledge for Society
Via Pier Carlo Boggio 61, I-10138 Torino TO - Italy
Tel: +39 334 3762427
gianluca.roascio(a)consorzio-cini.it
Skype: gianluca.roascio
www.cybersecnatlab.it <http://www.consorzio-cini.it/>
Dear all,
We are submitting a paper “A Novel Approach for Network Intrusion Detection using Multistage Deep Learning Image Recognition” to the journal Electronics MDPI. The paper’s abstract is below. If accepted we will acknowledge SPARTA.
The authors are Jevgenijus Toldinas, Algimantas Venčkauskas, Robertas Damaševičius, Šarūnas Grigaliūnas, Nerijus Morkevičius, Edgaras Baranauskas.
All the best,
Algimantas Venčkauskas
______________________________________________________
Abstract: The current rise in hacking and computer network attacks throughout the world has heightened the demand for improved intrusion detection and prevention solutions. The intrusion detection system (IDS) is critical in identifying abnormalities and assaults on the network, which have grown in size and pervasiveness. The paper proposes a novel method for network intrusion detection using multistage deep learning image recognition. The dataset network features are normalized and transformed into four-channel (Red, Green, Blue, and Alpha) images. The images are used to train and test the pre-trained deep learning model ResNet50. The proposed approach is evaluated using two benchmark datasets, UNSW-NB15 and BOUN DDoS. On the UNSW-NB15 dataset, the proposed method achieved 99.8% accuracy in the detection of the Generic attack. On the BOUN DDoS dataset, the suggested method achieves 99.7% accuracy in the detection of the DDoS attack and 99.7% accuracy in the detection of the normal traffic.
Dear all,
We have submitted the paper “Technical Threat Intelligence Analytics: What and How to Visualize for Analytic Process” to the 24th International Conference ELECTRONICS 2020.
Abstract: Visual Analytics uses data visualization methods for enabling compelling analysis of data by engaging graphical and visual representation. In the domain of cybersecurity, convincing visual representation of data enables to ascertain valuable observations that allow the domain experts to construct efficient cyberattack mitigation strategies and provide useful decision support. In this paper, we present a survey of the visual analytics tools and methods in the domain of cybersecurity. We explore and discuss Technical Threat Intelligence visualization tools using the Five Question Method. We conclude the analysis of the works using Moody’s Physics of Notations, and VIS4ML ontology as a methodological background of visual analytics process.
This paper is still under evaluation.
If it gets accepted, we will acknowledge SPARTA.
Best,
Algimantas Venčkauskas
Kauno technologijos universitetas