Program 2020 (Tentative)
The time zone for our program is EDT. 9:00 AM EDT is 10:00 PM KST and 2:00 PM in Vienna, Austria.
Day 1 | Ocober 28
9:00–9:30 Welcome speech!
9:30–10:30 Keynote
Talk Title: Towards Usable and Secure Graphical Passwords for Smartphones
Hyoungshick Kim, Sungkyunkwan University, Seoul, South Korea
10:30–10:45 Coffee Break
10:45-12:05 Session 1: Blockchains and Compliance
Session Chair: Jungwoo Ryoo (Pennsylvania State University, USA)
Medical Blockchains and Privacy in Austria – Technical and Legal Aspects
Andreas Kolan, Simon Tjoa, and Peter Kieseberg
St. Pölten University of Applied Sciences, Austria
Distributed Unit Security for 5G Base-Stations using Blockchain
William Crowe and Tom Oh
Rochester Institute of Technology, USA
Assessing the sovereignty and security of the Austrian internet
1Florian Plainer, 2Klaus Kieseberg, and 3Peter Kieseberg
1St. Pölten University of Applied Sciences, Austria
2SBA Research
3St. Pölten University of Applied Sciences, Austria
Continuous Security through Integration Testing in an Electronic Health Records System
Saptarshi Purkayastha, Shreya Goyal, Tyler Phillips, Huanmei Wu, Brandon Haakenson, and Xukai Zou
Indiana University – Purdue University Indianapolis
Day 2 | Ocober 29
9:00–9:15 Welcoming Remarks & Introduction to Keynote
09:15 – 10:15 Keynote
Talk Title: Distributed Ledger Technology, Blockchain & Crypto Currencies
Edgar Weippl, Professor, University of Vienna, Vienna, Austria
10:15 – 10:30 Coffee Break
10:30–11:30 Session 1: Secure Software Design and Implementation
Session Chair: Simon Tjoa (St. Pölten University of Applied Sciences, Austria)
Compiling and Analyzing Open Source Malware for Research Purposes
Daniel Judt, Patrick Kochberger, Peter Kieseberg, and Sebastian Schrittwieser
St. Pölten University of Applied Sciences, Austria
VM based Malware Security Protection on Android Platform
Anthony Avella, Ian Menovich, Ryan Strimple, and Syed Rizvi
Pennsylvania State University
Comparison of various interpolation techniques toinfer localization of audio files using ENF signals
Hyekyung Han, Kanghoon Lee, Youngbae Jeon and Ji Won Yoon
Korea University
11:30–11:45 Coffee Break
11:45–12:05 Lightning Talk
Blockchain-based Service Performance Evaluation Method Using Native Cloud Environment
Taeyoung Kim and Hyung-Jong Kim
Seoul Women’s University
Day 3 | October 30
9:00-9:15 Welcoming Remarks & Introduction to Keynote
9:15:00–10:15 Keynote
Talk Title: Detecting Intrusion in connected vehicles
Lotfi Ben Othmane, Iowa State Unviersity
10:15–10:30 Coffee Break
10:30 – 11:30 Session 1: Internet of Things (IoT)
Session Chair: Syed Rizvi (Pennsylvania State University, USA)
WIP: An Internet of Things (IoT) Security Assessment for Households
William Aiken, Jungwoo Ryoo, and Syed Rizvi
Pennsylvania State University
Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts
Iyonna Williams, Tanner Flock and Travis Flock, and Syed Rizvi
Pennsylvania State University
Why Compliance is needed for Internet of Things?
Shakir Campbell, Kieran Alden, and Syed Rizvi
Pennsylvania State University
11:30–11:40 Coffee Break
11:40 – 13:00 Session 2: Internet of Things (IoT), Lightning Talk & Closing
Session Chair: Jungwoo Ryoo (Pennsylvania State University, USA)
Security Analysis of a SOHO Wi-Fi router
Sandeep Romana, Jyostna Grandhi and Pr Lakshmi Eswari
Centre for Development of Advanced Computing, India
Document Representations to improve Topic Modelling?
Peddineni Venkata Poojitha and Remya R.K. Menon
Amrita Vishwa Vidyapeetham, India
12:20–12:40: Lightning Talk
A Study on Reflecting User Experiences for Sensor-based Android IoT Services
Jae-Yoon Ahn, Bo-Min Kim, and Hyung-Jong Kim
Seoul Women’s University
12:40–13:00 Closing Remarks & Best Student Paper Award
Full Research Papers
Medical Blockchains and Privacy in Austria – Technical and Legal Aspects
Andreas Kolan, Simon Tjoa and Peter Kieseberg
St. Pölten University of Applied Sciences, Austria
The utilization of blockchains in the medical domain has been discussed for quite some time, with multiple academic projects targeting various application domains in this field. Still, many countries feature underlying laws and regulations that make this utilization hard to impossible, especially when considering the sensitive nature of medical records. In this work we analyze the specific situation in Austria and analyse the two major regulations that need to be taken into account, the EU-wide GDPR and the Austria-specific ELGA, with respect to blockchain applications in the medical sector in Austria. Furthermore, we outline several additional key issues that need to be taken into consideration, as well as the problem of the most prominent solution, linking to external storage from the blockchain.
Distributed Unit Security for 5G Base-Stations using Blockchain
William Crowe and Tom Oh
Rochester Institute of Technology, USA
5G in the United States has been rapidly growing this past year as the New Radio (NR) standards have been finalized. The top three US cellular carriers cover most major cities in 2019, and the plans are to cover most of the nation by the close of 2020. Field testing shows that 5G is meeting the promise of gigabit speeds and single digit latency over millimeter wave. 5G Security is ever so more critical with the expectation of massive IoT, M2M, VANET, and High-Speed Fixed Wireless. More devices will rely on commercially available wireless internet, it should be expected that 5G Security will be thoroughly tested by unscrupulous individuals. To enhance security, this paper will cover utilizing Blockchain for identity management of the next generation NodeB (gNB) for the user equipment (UE) would make Rogue Cellsite, man-in-the-middle-attacks, or Stingray much harder to perform. This would prevent the UE from blindly connecting to any gNB it sees and sharing sensitive information because of the connection requested from an untrusted source. While there are other potential security flaws in 5G, implementing Blockchain in a commercial network would enhance attach and handover security for all devices that use 5G.
Assessing the sovereignty and security of the Austrian internet
1Florian Plainer, 2Klaus Kieseberg and 3Peter Kieseberg
1,3St. Pölten University of Applied Sciences, 2SBA Research
With many people depending on the internet in their daily work lives, the question on dependencies of these services arises. In this work we provide the methodology and analysis results regarding the security and dependencies of important Austrian sites on other nations and (potentially vulnerable) resources. Furthermore, we added a specific sub set to the analysis, focusing on governmental sites due to their increased importance.
Continuous Security through Integration Testing in an Electronic Health Records System
Saptarshi Purkayastha, Shreya Goyal, Tyler Phillips, Huanmei Wu, Brandon Haakenson and Xukai Zou
University – Purdue University Indianapolis
The estimated average cost of a healthcare data breach in 2019 was $6.45 million, which is the highest among all industries. Yet, security remains an afterthought in many digital health applications. Formal methods for testing for bugs are commonplace in software development through the use of unit testing, integration testing, system testing, and acceptance testing. More so, in modern software engineering, continuous integration is a well-known concept to run automated tests soon after any code change, when the system builds and notifies the development team of the test results. In this paper, we describe the use of a popular Python unit testing framework to implement a formal method of security testing. Common Vulnerability Scoring System (CVSS) is used to calculate metrics that represent the state of security of a deployed system. We developed a series of Pytest Behavioral Driven Development (BDD) scripts to test the Authentication and Availability of a widely used Electronic Health Records System called OpenMRS. The advantage of using the BDD approach is that testing scripts, called Gherkin files, can be read and understood by the developers as well as the non-developer stakeholders. The use of Gherkin serves two purposes: firstly, it serves as the project’s documentation, and secondly, it automates the tests. The use of the CVSS score between 0 to 10 becomes an objective metric to compare every code change, thus achieving continuous security. We plan to expand BDD scripts to attacks like Denial of Service, Session Hijacking, SQL Injection, and other privilege escalation attacks.
Compiling and Analyzing Open Source Malware for Research Purposes
Daniel Judt, Patrick Kochberger, Peter Kieseberg and Sebastian Schrittwieser
St. Pölten University of Applied Sciences, Austria
Malware obfuscation can make both automatic and manual analysis of its binary code and the contained functionality significantly more time consuming. For malware research it would therefore be useful to be able to study the effects of different obfuscation methods on the resulting binary code. While some obfuscations are applied through rewriting of the binary, others have to be applied at source code level or during compile time. However, the source code of in-the-wild malware is often not available. For this paper, we collected the source code of eleven open source malware samples from the past 12 years and analyzed if they still compile on current systems. Furthermore, basic static analysis was performed to evaluate the usefulness of the resulting binaries for further malware obfuscation research. Our results indicate, that it is possible to compile available samples with moderate effort and the resulting binaries are very well suited for research purposes.
VM based Malware Security Protection on Android Platform
Syed Rizvi, Anthony Avella, Ian Menovich and Ryan Strimple
Pennsylvania State University
This paper looks at the different ways in which Android phones can be attacked by android malware, and the different developments in malware protection and detection. The fight against mobile malware is an important one as most people today own cell phones and store valuable personal information on their phones. There are many ways in which a phone can be attacked by malware, and therefore there are many different methods to detect and defend against these attacks. Some experts suggest a decentralized data approach, while others suggest anti-malware hardware is the solution. There are many different Anti-malware hardware devices that all work in different ways and detect malware at different levels. However, there are no full-proof malware detection schemes. It is alarming that there is no common solution to protecting against malware and no way to completely detect malware every time. In this research, we focus on Android malware, specifically malware found on apps from the Google Play Store. One of the ways one would solve this problem is by using virtual machines and compiling malware detection programs on them. To support our VM based malware detection scheme, we develop an algorithm to provide implementation-level details. The practicality of our proposed scheme is shown using multiple case studies.
Comparison of various interpolation techniques to infer localization of audio files using ENF signals
Hyekyung Han, Kanghoon Lee, Youngbae Jeon and Ji Won Yoon
Korea University
Electrical Network Frequency (ENF) is a frequency of electrical power signal of a power grid. In order to provide stable power supply to a variety of loads, institutions and organizations make great efforts. However, there is a slight difference in values depending on the demand and supply of power usage. Due to its distinctive value, the importance of ENF data increases in the field of security. Especially, it is feasible to trace the location where the ENF signal was generated. By exploiting interpolation techniques, we can estimate the ENF value of a specific location and evaluate the estimation performance. As we precisely interpolate the ENF signals of target location, we can increase the accuracy of our estimation of location for the unacquainted ENF signals. In this paper, we interpolated the ENF values of the power grid of the United States using three different methods: IDW, Ordinary Kriging and Universal Kriging. Then we evaluated the RMSE calculated by changing the hyper-parameters and models of interpolation methods. As a result, using Ordinary Kriging in the Western grid showed the lowest RMSE. For the Eastern power grid, it was the IDW with λ=-1 which showed the lowest RMSE. Above all, we found that each of the power grid has different characteristics and thus different interpolation technique should be applied for elaborate approximation.
WIP: An Internet of Things (IoT) Security Assessment for Households
William Aiken, Jungwoo Ryoo and Syed Rizvi
Pennsylvania State University
IoT is becoming a common term. More consumers are purchasing and installing household IoT devices such as thermostats, security cameras, and lighting solutions. These so-called smart home appliances supposedly make our lives easier, safer, and more sustainable. However, the benefits come with risks, especially in cybersecurity and privacy. As more IoT hosts connect to a home network, the possibility of potential security breaches also increases. The more hosts in a network, the more opportunities for attackers, which is why users should pay attention to security vulnerabilities and address them as much as possible. In this context, self-assessment of how well a household is doing with IoT security is of great use. This paper proposes an easy-to-use and intuitive assessment tool to realize this idea.
Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts
Syed Rizvi, Iyonna Williams, Tanner Flock and Travis Flock
Pennsylvania State University
In this paper, we improve the Advanced Persistent Threats (APT) attack detection rate accuracy by using an artificial intelligence based anomalous intrusion detection that will be based on unsupervised learning techniques. This system will be mainly network-based with a thin layer running on the host device. We plan to mainly use an unsupervised artificial intelligence technique that utilizes Adaptive Resonance theory that will be paired with a signature based system that will filter anomalous data and significantly improve detection rates and decrease false positive rates compared to typical anomalous intrusion detection system. If proven here, this system could be applied to future Intrusion Detection Systems and have the ability to significantly increase overall network security for an organization.
Why Compliance is needed for Internet of Things?
Syed Rizvi, Shakir Campbell and Kieran Alden
Pennsylvania State University
The Internet of Things (IoT) is a relatively new concept that has been coined and is now commonly used in the field of Information Technology (IT). This concept is defined as many things, but the simplest way to describe IoT is as the culmination of all of the new devices, systems, applications, technology, etc. that are connected and have the capability to transfer or transmit data without the need of a human or computer. This developing industry is expected to have billions of devices interconnected in the next few years. This growth is happening in all branches of traditional IT. Different divisions of IT, such as the financial division or medical division of IT, are already moving to the IoT. While this technological advancement is conceptually astounding, just like anything new in the world of IT, there arise many questions about the security of, or lack thereof, IoT. Furthermore, the lack of laws and regulations that will set standards for security on the IoT, similarly to how traditional IT has compliance laws for each of the divisions of IT (medical, retail, financial, industrial, etc.). The main purpose of this paper is not to come up with a solution to the lack of security compliance pertaining to the IoT, but identify that the lack of compliance laws for IoT is a problem and that traditional IT compliance laws will not work for the IoT unless modified. Instead, new compliance standards should be established to address the security and privacy concerns of IoT.
Security Analysis of a SOHO Wi-Fi router
Sandeep Romana, Jyostna Grandhi and Pr Lakshmi Eswari
Centre for Development of Advanced Computing, India
Wi-Fi-enabled Small Office/Home Office (SOHO) routers have become ubiquitous for having internet access in many network environments. With the advent of the ‘Internet of Things’ (IoT) and smart devices, almost all household devices are connected to the internet via these Wi-Fi-enabled SOHO routers. There have been numerous reports of security issues in SOHO routers because of known vulnerabilities. Except for enterprise networks, these devices acting as gateways are rarely safeguarded properly. The reasons for neglecting the security of these devices are many. Reports suggest that users often deploy these devices with insecure default configurations, leaving them as easy prey in the hands of malice users. Due to the easy exploitability, these devices have become attackers’ paradise. The security analysis of these devices is often overlooked and challenging to undertake because of various versions of custom Linux based firmware and bootloaders they use. The security analysis of these devices holds strategic importance as they act as a gateway to almost every household which has access to the internet. In this paper, we list down the software and hardware interfaces of SOHO routers important for security analysis. We present a network environment for carrying out the security analysis of these devices. An iterative approach using static & dynamic analysis is described. Further, the static & dynamic analysis is augmented with symbolic analysis. To validate the described procedures, we present the case study of performing security analysis on a Netis WF2411 router.
Document Representations to improve Topic Modelling?
Peddineni Venkata Poojitha and Remya R.K. Menon
Amrita Vishwa Vidyapeetham, India
We collect lots of information from web applications every day. So it is difficult to understand or detect what the whole data is about. To detect, understand and summaries the information we need some specific tools and techniques like topic modelling which helps to analyze and identify the crisp of the data. This paper implements the sparsity-based dictionary representation with Topic Modeling. It organizes the data with meaningful structure by using machine learning algorithms like LDA (Linear Dirichlet Allocation) and OMP (Orthogonal Matching Pursuit) algorithms. It identifies a document to belong to which topic as well as similarity between documents in an existing dictionary. The OMP algorithm is the best algorithm for sparse approximation, With better accuracy, the OMP algorithm can identify the topics to which the input document[Y] is mostly related to across a large collection of text documents present in a dictionary
Lightning Talk
Blockchain-based Service Performance Evaluation Method Using Native Cloud Environment
Taeyoung Kim and Hyung-Jong Kim
Seoul Women’s University
This study presents a performance evaluation system that helps blockchain-based service planners make decisions. This system is offered as Docker and Kubernetes for portability and flexibility.
A Study on Reflecting User Experiences for Sensor-based Android IoT Services
Jae-Yoon Ahn, Bo-Min Kim and Hyung-Jong Kim
Seoul Women’s University
Through this research, it is possible to perform optional encryption based on the user-experience of the sensor inside the Android smartphones. We conducted an questionnaire survey, derived the user’s encryption selection rate, and based on this, designed a sensor DB based on the user’s experience. Based on the accumulated experience of the user, it can also influence the user’s decision to proceed with the subsequent encryption.