Program for ICSSA 2021
The time zone for our program is CEST. 9:00 AM EDT is 11:00 PM KST and 3:00 PM in Vienna, Austria.
Day 1 | November 10
9:00–9:15 Welcome speech!
9:15–10:15 Keynote
Talk Title: Cyber Risk Scoring and Mitigation for Resilient Cyber Infrastructure
Sachin Shetty, Old Dominion University, Norfolk – VA
10:15–10:45 Coffee Break
10:45-11:45 Session 1: Cybersecurity and Applications
Session Chair: Jungwoo Ryoo (Pennsylvania State University, USA)
Security Education and Training for Non-technical School Students using Games
Hyung-Jong Kim, Soyeon Park and Jin B. Hong
Seoul Women’s University, Korea
The University of Wester, Australia
Delete My Account: Impact of Data Deletion on Machine Learning Classifiers
Tobias Dam, Maximilian Henzl and Lukas Daniel Klausner
St. Pölten University of Applied Sciences, Austria
FHSTP UAS
Evaluation of Password Replacement Schemes
Thomas Bechtel, Peter Kieseberg and Simon Tjoa
St. Pölten University of Applied Sciences, Austria
11:45–12:15 Lightning Talk
Toward a Cyber Range for Industrial Control Systems
Hae Young Lee
Seoul Women’s University, Korea
SIEM and Security Analytics for Small to Midsized Businesses
Mark Viglione
Founder, Enigma Networkz
Day 2 | November 11
9:00–9:15 Welcoming Remarks & Introduction to Keynote
9:15 – 10:15 Keynote
Talk Title: Software Protections and Recent Advancement in the Field
Sebastian Schrittwieser, University of Vienna, Vienna, Austria
10:15 – 10:30 Coffee Break
10:30–11:30 Session 1: Secure Software Design and Implementation
Session Chair: Simon Tjoa (St. Pölten University of Applied Sciences, Austria)
A Pattern-based Security Solution for Software Systems with Architectural Weaknesses
Priya Anand and Jungwoo Ryoo
The Pennsylvania State University, Pennsylvania – USA
Data Statistic, Visualization, and Notifications of Networking Traffic Data using AWS IoT Cloud
Quoc Trung Khuong and Tae Oh
Rochester Institute of Technology
Reducing Software Vulnerabilities Using Machine Learning Static Application Security Testing
Ryan Santos, Syed Rizvi, Bradley Cesarone, William Gunn and Erin McConnell
The Pennsylvania State University, Pennsylvania – USA
11:30–12:30 Session 2: Secure Software Design and Implementation
Session Chair: Syed Rizvi (Pennsylvania State University, USA)
Survey: Machine Learning Algorithm Efficacy Static Software Analysis
Erin McConnell, Miles Moate, Stephen Fisanick, Syed Rizvi, Joseph Burns, Jeremy Jens and Vita Staws
The Pennsylvania State University, Pennsylvania – USA
Anomaly Detection System for Smart Home using Machine Learning
1Vikram Parmar, 1Abhinav Srinivasan, 1Tae Oh, 2Jungwoo Ryoo and 3Mark Viglione
1Rochester Institute of Technology
2The Pennsylvania State University, Pennsylvania – USA
3Engima Networkz
The Future for a Secure Internet of Things
Avery Thrasher, Dustin Priest, Rafay Ahmad, Syed Rizvi, Miles Moate, Stephen Fisanick, and Erin McConnell
The Pennsylvania State University, Pennsylvania – USA
Lightning Talk
Automated Approaches in Software Security
Yu Ming Cheuk, Michael G. Agamasire, James E. Byrns, and Jungwoo Ryoo
The Pennsylvania State University, Pennsylvania – USA
12:30–12:45 Closing Remarks & Best Student Paper Award
Jungwoo Ryoo & Simon Tjoa
Full Research Papers
Security Education and Training for Non-technical School Students using Games
Hyung-Jong Kim, Soyeon Park and Jin B. Hong
Seoul Women’s University, Korea
The University of Wester, Australia
Computer science education is being implemented into the school curriculums and frameworks to engage with students from the early ages. However, security education itself faces many challenges to keep students motivated, such as overcoming the learning curve without having the prerequisite knowledge. Further, security objectives are often difficult to represent visually, unlike some other fields of computer science (e.g., computer vision, robotics etc). As a result, teaching resources for security education often lack the engagement component, which is crucial for maintaining the interest of school students. To address this issue, we developed three educational security games aimed to increase the motivation and engagement of students across various age groups. We hosted security workshops at various schools, increasing awareness and interest in security education. Further, we carry out security education for students in different countries through the hidden program. We suggest that developing security education materials using various pedagogical strategies to improve engagement could further enhance the awareness and interest among students, increasing the interest to pursue further studies in cybersecurity.
Delete My Account: Impact of Data Deletion on Machine Learning Classifiers
Tobias Dam, Maximilian Henzl and Lukas Daniel Klausner
St. Pölten University of Applied Sciences, Austria
FHSTP UAS
Users are more aware than ever of the importance of their own data, thanks to reports about security breaches and leaks of private, often sensitive data in recent years. Additionally, the GDPR has been in effect in the European Union for over three years and many people have encountered its effects in one way or another. Consequently, more and more users are actively protecting their personal data. One way to do this is to make of the right to erasure guaranteed in the GDPR, which has potential implications for a number of different fields, such as big data and machine learning. Our paper presents an in-depth analysis about the impact of the use of the right to erasure on the performance of machine learning models on classification tasks. We conduct various experiments utilising different datasets as well as different machine learning algorithms to analyse a variety of deletion behaviour scenarios. Due to the lack of credible data on actual user behaviour, we make reasonable assumptions for various deletion modes and biases and provide insight into the effects of different plausible scenarios for right to erasure usage on data quality of machine learning. Our results show that the impact depends strongly on the amount of data deleted, the particular characteristics of the dataset and the bias chosen for deletion and assumptions on user behaviour.
Evaluation of Password Replacement Schemes
Thomas Bechtel, Peter Kieseberg and Simon Tjoa
St. Pölten University of Applied Sciences, Austria
The digital world has developed very rapidly over the past few decades. Laptops, smartphones and tablets have become objects of daily use and many users use dozens of services on these devices. But the login procedure for devices and services has not changed – especially for web applications. The combination of username and password has always been the most common method of logging in. The aim of this work is to explain why the password is still the most popular method of logging in users, despite the large number of alternatives and known weaknesses. For this purpose, different methods were evaluated in a fixed schema of 12 rating-criteria in the categories: usability, security and applicability for continuous authentication. No method was able to fulfil all criteria and it shows that higher security is mainly achievable in exchange for usability.
A Pattern-based Security Solution for Software Systems with Architectural Weaknesses
Priya Anand and Jungwoo Ryoo
The Pennsylvania State University, Pennsylvania – USA
Security patterns are solutions to recurring security issues that can be applied to mitigate vulnerabilities in a software system. Application developers may be unaware of the vulnerabilities of their own system, leaving it vulnerable to attacks. To improve security, the system needs security implementation in its architecture instead of implementing at local levels. This, in turn, requires an effort in building security into the design. Applying security patterns would be one way to accomplish this task. Security patterns define ways to express security requirements and solutions concisely, as well as providing vocabulary for designers seeking security controls in their systems. Little research has been done in the area of matching a security pattern with a particular vulnerability existing in a software system. In this research, authors have primarily focused on filling this gap to map a security pattern that could be a potential solution to a major security vulnerability found in the system. The authors’ previous research proposed a methodology to identify the missing security pattern to provide an architectural security solution. In this research, authors conducted a case-study on a software application that has little architectural design for security. The research results show that architectural security solutions are applicable even for a software system that lack an architectural design.
Data Statistic, Visualization, and Notifications of Networking Traffic Data using AWS IoT Cloud
Quoc Trung Khuong and Tae Oh
Rochester Institute of Technology
Although being described as not as complex as Data Analytics, Data Statistic, and visualization is extremely useful in most scenarios where time is the element of crucial. While it might whole true that implementing a system for statistic displaying is quite common, depending on the type of data that the business is using, it could have much more depth and effectiveness. Additionally, data visualization is also a useful tool to aid the users in comprehending a snapshot of the timeline. Most of the time when something abnormal occurred, it would be more visible through graphs and charts… Notifications have always been handy in many scenarios, by understanding your own business’s network, and data, rules can be applied to the system to filter malicious traffic or simply reporting the status of the current system. In this paper, we are going to discuss these implementations on the AWS IoT Cloud Core and using its services such as JupyterNotebook for more advanced statistics and notifications.
Reducing Software Vulnerabilities Using Machine Learning Static Application Security Testing
Ryan Santos, Syed Rizvi, Bradley Cesarone, William Gunn and Erin McConnell
The Pennsylvania State University, Pennsylvania – USA
Manual code reviews have been used for as long as software development has existed. As modern software development practices continue to evolve so does the security testing of code. Static Application Security Testing (SAST) can play a significant role in helping developers identify defects in their code during the secure software development lifecycle. SAST tools have become more automated, support more languages, rely less on the developer’s knowledge, and are being considered by some to be an integral part of the industry’s collective best practices. Machine Learning and artificial intelligence are becoming integrated into these tools to detect vulnerabilities faster and with better accuracy. This paper compares manual code review, traditional SAST tools, and SAST tools with machine learning and artificial intelligence integrated to provide a starting point for organizations to choose the most appropriate code analysis technique for identifying potential vulnerabilities in their software.
Survey: Machine Learning Algorithm Efficacy Static Software Analysis
Erin McConnell, Miles Moate, Stephen Fisanick, Syed Rizvi, Joseph Burns, Jeremy Jens and Vita Staws
The Pennsylvania State University, Pennsylvania – USA
In this day and age there is a constant growth in technology and a flood of software and devices in the market. With this comes the need for security improvements. Software analysis alone can take substantial time, cost, and extraordinary talent. There is also a large repository of shared code available. Social coding is an avenue that plays into the reason of having a way to detect vulnerabilities, be it originally in the code or added into later, is even more of a concern. One possible way to assist in the process of vulnerability detection is the use of machine learning. Machine learning is something that has proved to be efficient, cost-effective, and beneficial so far in this aspect. With the use of static analysis, we think it is the future for software developers and analyzers. It is important to discuss where we are now with utilizing machine learning and where we can go. This paper provides the foundation to begin this discussion by developing an understanding of how machine learning algorithms are being used to detect vulnerabilities in software and their limitations.
Anomaly Detection System for Smart Home using Machine Learning
1Vikram Parmar, 1Abhinav Srinivasan, 1Tae Oh, 2Jungwoo Ryoo and 3Mark Viglione
1Rochester Institute of Technology
2The Pennsylvania State University, Pennsylvania – USA
3Engima Networkz
Internet of things (IoT) networks are present in a variety of industries and have become an integral part of our lives. With the advancement in technology, there has also been an increase in threats and security risks to IoT devices. In the case of Smart home networks, most of the IoT devices are vulnerable and have limited processing power. Whenever a new IoT device connects to the home network or any given network, it must be quickly managed and secured using the relevant security measures. This paper proposes to build a system that can classify devices connected as IoT or Non-IoT devices using machine learning (ML) and provide an Intrusion detection system (IDS) for monitoring any anomalies or suspicious activities on the network. The ML model has been trained on a dataset (IoT 23[1]) and will be implemented on a testbed that consists of IoT, Non-IoT devices, a connector, and a hub to check the efficiency of the model. The F-measure will be calculated to compare the performance of different machine learning algorithms. The proposed model will also be integrated with a commercial software solution called Enigma Glass with an end-user dashboard providing analytics, visualizations, and notifications regarding the smart home network.
The Future for a Secure Internet of Things
Avery Thrasher, Dustin Priest, Rafay Ahmad, Syed Rizvi, Miles Moate, Stephen Fisanick, and Erin McConnell
The Pennsylvania State University, Pennsylvania – USA
Among other breakthrough technologies, the Internet of Things (IoT) has only recently started to receive attention from the global business community. Over time, a growing number of small and large-scale organizations are adopting IoT in some form. However, it is an undeniable fact that the IoT industry is still in its infancy and requires considerable research and development. Specifically, ensuring the security of IoT networks and appliances within the various IoT ecosystems is a major challenge. IoT security is the technology area concerned with protecting and safeguarding connected devices and networks in the internet of things. Allowing devices to connect to the internet opens them up to several serious vulnerabilities if they are not properly protected. The IoT consists of a fixed system with sensors, actuators, and network connectivity that enable the collection and exchange of data. The IoT allows objects to be sensed or controlled remotely across existing network infrastructure, creating opportunities for more blending of the physical world into computer-based systems, and as a result in improved accuracy, efficiency, and economic benefit. This paper presents a discussion on IoT security in consideration of retrospect and highlights some known IoT security frameworks that may prove effective in mitigating threats as well as exploring standardization for the IoT community and how that may play a role in the future for a secure IoT.
Lightning Talk
Toward a Cyber Range for Industrial Control Systems
Hae Young Lee
Seoul Women’s University, Korea
This talk presents our concept of a cyber range for industrial control systems (ICS). To emulate cyber and physical parts of the target ICS as well as adversaries, simulation, virtualization, and automated adversary emulation technologies are employed.
Automated Approaches in Software Security
Yu Ming Cheuk, Michael G. Agamasire, James E. Byrns, and Jungwoo Ryoo
The Pennsylvania State University, Pennsylvania – USA
IT professionals in this era need to incorporate software development strategies that include speed as well as quality. There is an increasing need to integrate security tactics in design to help detect, resist, react, and recover from attacks, emphasizing the design phase. Near-complete automation is viewed as the future. The more immediate goal is to promote and enhance automation throughout the software delivery pipeline, eliminating mistakes and downtime. This paper reviews existing automation technologies used in the software security domain to evaluate their effectiveness and provide future research directions and insights.