Program

Program 2020 (Tentative)


The time zone for our program is EDT. 9:00 AM EDT is 10:00 PM KST and 2:00 PM in Vienna, Austria.

Day 1 | Ocober 28

9:00–9:30 Welcome speech!

9:30–10:30 Keynote

Talk Title: Towards Usable and Secure Graphical Passwords for Smartphones

Hyoungshick Kim, Sungkyunkwan University, Seoul, South Korea

10:30–10:45 Coffee Break

10:45-12:05 Session 1: Blockchains and Compliance

Session Chair: Jungwoo Ryoo (Pennsylvania State University, USA)

Medical Blockchains and Privacy in Austria – Technical and Legal Aspects

Andreas Kolan, Simon Tjoa, and Peter Kieseberg

St. Pölten University of Applied Sciences, Austria

Distributed Unit Security for 5G Base-Stations using Blockchain

William Crowe and Tom Oh

Rochester Institute of Technology, USA

Assessing the sovereignty and security of the Austrian internet

1Florian Plainer, 2Klaus Kieseberg, and 3Peter Kieseberg

1St. Pölten University of Applied Sciences, Austria

2SBA Research

3St. Pölten University of Applied Sciences, Austria

Continuous Security through Integration Testing in an Electronic Health Records System

Saptarshi Purkayastha, Shreya Goyal, Tyler Phillips, Huanmei Wu, Brandon Haakenson, and Xukai Zou

Indiana University – Purdue University Indianapolis    


Day 2 | Ocober 29

9:00–9:15 Welcoming Remarks & Introduction to Keynote

09:15 – 10:15 Keynote

Talk Title: Distributed Ledger Technology, Blockchain & Crypto Currencies 

Edgar Weippl, Professor, University of Vienna, Vienna, Austria

10:15 – 10:30 Coffee Break 

10:30–11:30 Session 1: Secure Software Design and Implementation 

Session Chair: Simon Tjoa (St. Pölten University of Applied Sciences, Austria)

Compiling and Analyzing Open Source Malware for Research Purposes

Daniel Judt, Patrick Kochberger, Peter Kieseberg, and Sebastian Schrittwieser

St. Pölten University of Applied Sciences, Austria 

 VM based Malware Security Protection on Android Platform

Anthony Avella, Ian Menovich, Ryan Strimple, and Syed Rizvi 

Pennsylvania State University   

Comparison of various interpolation techniques toinfer localization of audio files using ENF signals

Hyekyung Han, Kanghoon Lee, Youngbae Jeon and Ji Won Yoon

Korea University  

11:30–11:45 Coffee Break

11:45–12:05 Lightning Talk

Blockchain-based Service Performance Evaluation Method Using Native Cloud Environment

Taeyoung Kim and Hyung-Jong Kim

Seoul Women’s University   


Day 3 | October 30

9:00-9:15 Welcoming Remarks & Introduction to Keynote

9:15:00–10:15 Keynote

Talk Title: Detecting Intrusion in connected vehicles

Lotfi Ben Othmane, Iowa State Unviersity

10:15–10:30 Coffee Break 

10:30 – 11:30 Session 1: Internet of Things (IoT)

Session Chair: Syed Rizvi (Pennsylvania State University, USA)

WIP: An Internet of Things (IoT) Security Assessment for Households

William Aiken, Jungwoo Ryoo, and Syed Rizvi 

Pennsylvania State University   

Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts

Iyonna Williams, Tanner Flock and Travis Flock, and Syed Rizvi

Pennsylvania State University   

Why Compliance is needed for Internet of Things?

Shakir Campbell, Kieran Alden, and Syed Rizvi

Pennsylvania State University

11:30–11:40 Coffee Break

11:40 – 13:00 Session 2: Internet of Things (IoT), Lightning Talk & Closing

Session Chair: Jungwoo Ryoo (Pennsylvania State University, USA)

Security Analysis of a SOHO Wi-Fi router

Sandeep Romana, Jyostna Grandhi and Pr Lakshmi Eswari

Centre for Development of Advanced Computing, India   

Document Representations to improve Topic Modelling?

Peddineni Venkata Poojitha and Remya R.K. Menon

Amrita Vishwa Vidyapeetham, India

12:20–12:40: Lightning Talk 

A Study on Reflecting User Experiences for Sensor-based Android IoT Services

Jae-Yoon Ahn, Bo-Min Kim, and Hyung-Jong Kim

Seoul Women’s University  

12:40–13:00 Closing Remarks & Best Student Paper Award


Full Research Papers

Medical Blockchains and Privacy in Austria – Technical and Legal Aspects

Andreas Kolan, Simon Tjoa and Peter Kieseberg

St. Pölten University of Applied Sciences, Austria

The utilization of blockchains in the medical domain has been discussed for quite some time, with multiple academic projects targeting various application domains in this field. Still, many countries feature underlying laws and regulations that make this utilization hard to impossible, especially when considering the sensitive nature of medical records. In this work we analyze the specific situation in Austria and analyse the two major regulations that need to be taken into account, the EU-wide GDPR and the Austria-specific ELGA, with respect to blockchain applications in the medical sector in Austria. Furthermore, we outline several additional key issues that need to be taken into consideration, as well as the problem of the most prominent solution, linking to external storage from the blockchain.

Distributed Unit Security for 5G Base-Stations using Blockchain

William Crowe and Tom Oh

Rochester Institute of Technology, USA

5G in the United States has been rapidly growing this past year as the New Radio (NR) standards have been finalized. The top three US cellular carriers cover most major cities in 2019, and the plans are to cover most of the nation by the close of 2020. Field testing shows that 5G is meeting the promise of gigabit speeds and single digit latency over millimeter wave. 5G Security is ever so more critical with the expectation of massive IoT, M2M, VANET, and High-Speed Fixed Wireless. More devices will rely on commercially available wireless internet, it should be expected that 5G Security will be thoroughly tested by unscrupulous individuals. To enhance security, this paper will cover utilizing Blockchain for identity management of the next generation NodeB (gNB) for the user equipment (UE) would make Rogue Cellsite, man-in-the-middle-attacks, or Stingray much harder to perform. This would prevent the UE from blindly connecting to any gNB it sees and sharing sensitive information because of the connection requested from an untrusted source. While there are other potential security flaws in 5G, implementing Blockchain in a commercial network would enhance attach and handover security for all devices that use 5G.

Assessing the sovereignty and security of the Austrian internet

1Florian Plainer, 2Klaus Kieseberg and 3Peter Kieseberg

1,3St. Pölten University of Applied Sciences, 2SBA Research

With many people depending on the internet in their daily work lives, the question on dependencies of these services arises. In this work we provide the methodology and analysis results regarding the security and dependencies of important Austrian sites on other nations and (potentially vulnerable) resources. Furthermore, we added a specific sub set to the analysis, focusing on governmental sites due to their increased importance.

Continuous Security through Integration Testing in an Electronic Health Records System

Saptarshi Purkayastha, Shreya Goyal, Tyler Phillips, Huanmei Wu, Brandon Haakenson and Xukai Zou

University – Purdue University Indianapolis

The estimated average cost of a healthcare data breach in 2019 was $6.45 million, which is the highest among all industries. Yet, security remains an afterthought in many digital health applications. Formal methods for testing for bugs are commonplace in software development through the use of unit testing, integration testing, system testing, and acceptance testing. More so, in modern software engineering, continuous integration is a well-known concept to run automated tests soon after any code change, when the system builds and notifies the development team of the test results. In this paper, we describe the use of a popular Python unit testing framework to implement a formal method of security testing. Common Vulnerability Scoring System (CVSS) is used to calculate metrics that represent the state of security of a deployed system. We developed a series of Pytest Behavioral Driven Development (BDD) scripts to test the Authentication and Availability of a widely used Electronic Health Records System called OpenMRS. The advantage of using the BDD approach is that testing scripts, called Gherkin files, can be read and understood by the developers as well as the non-developer stakeholders. The use of Gherkin serves two purposes: firstly, it serves as the project’s documentation, and secondly, it automates the tests. The use of the CVSS score between 0 to 10 becomes an objective metric to compare every code change, thus achieving continuous security. We plan to expand BDD scripts to attacks like Denial of Service, Session Hijacking, SQL Injection, and other privilege escalation attacks.

Compiling and Analyzing Open Source Malware for Research Purposes

Daniel Judt, Patrick Kochberger, Peter Kieseberg and Sebastian Schrittwieser

St. Pölten University of Applied Sciences, Austria

Malware obfuscation can make both automatic and manual analysis of its binary code and the contained functionality significantly more time consuming. For malware research it would therefore be useful to be able to study the effects of different obfuscation methods on the resulting binary code. While some obfuscations are applied through rewriting of the binary, others have to be applied at source code level or during compile time. However, the source code of in-the-wild malware is often not available. For this paper, we collected the source code of eleven open source malware samples from the past 12 years and analyzed if they still compile on current systems. Furthermore, basic static analysis was performed to evaluate the usefulness of the resulting binaries for further malware obfuscation research. Our results indicate, that it is possible to compile available samples with moderate effort and the resulting binaries are very well suited for research purposes.

VM based Malware Security Protection on Android Platform

Syed Rizvi, Anthony Avella, Ian Menovich and Ryan Strimple

Pennsylvania State University  

This paper looks at the different ways in which Android phones can be attacked by android malware, and the different developments in malware protection and detection. The fight against mobile malware is an important one as most people today own cell phones and store valuable personal information on their phones. There are many ways in which a phone can be attacked by malware, and therefore there are many different methods to detect and defend against these attacks. Some experts suggest a decentralized data approach, while others suggest anti-malware hardware is the solution. There are many different Anti-malware hardware devices that all work in different ways and detect malware at different levels. However, there are no full-proof malware detection schemes. It is alarming that there is no common solution to protecting against malware and no way to completely detect malware every time. In this research, we focus on Android malware, specifically malware found on apps from the Google Play Store. One of the ways one would solve this problem is by using virtual machines and compiling malware detection programs on them. To support our VM based malware detection scheme, we develop an algorithm to provide implementation-level details. The practicality of our proposed scheme is shown using multiple case studies.

Comparison of various interpolation techniques to infer localization of audio files using ENF signals

Hyekyung Han, Kanghoon Lee, Youngbae Jeon and Ji Won Yoon 

Korea University 

Electrical Network Frequency (ENF) is a frequency of electrical power signal of a power grid. In order to provide stable power supply to a variety of loads, institutions and organizations make great efforts. However, there is a slight difference in values depending on the demand and supply of power usage. Due to its distinctive value, the importance of ENF data increases in the field of security. Especially, it is feasible to trace the location where the ENF signal was generated. By exploiting interpolation techniques, we can estimate the ENF value of a specific location and evaluate the estimation performance. As we precisely interpolate the ENF signals of target location, we can increase the accuracy of our estimation of location for the unacquainted ENF signals. In this paper, we interpolated the ENF values of the power grid of the United States using three different methods: IDW, Ordinary Kriging and Universal Kriging. Then we evaluated the RMSE calculated by changing the hyper-parameters and models of interpolation methods. As a result, using Ordinary Kriging in the Western grid showed the lowest RMSE. For the Eastern power grid, it was the IDW with λ=-1 which showed the lowest RMSE. Above all, we found that each of the power grid has different characteristics and thus different interpolation technique should be applied for elaborate approximation.

WIP: An Internet of Things (IoT) Security Assessment for Households

William Aiken, Jungwoo Ryoo and Syed Rizvi

Pennsylvania State University  

IoT is becoming a common term. More consumers are purchasing and installing household IoT devices such as thermostats, security cameras, and lighting solutions. These so-called smart home appliances supposedly make our lives easier, safer, and more sustainable. However, the benefits come with risks, especially in cybersecurity and privacy. As more IoT hosts connect to a home network, the possibility of potential security breaches also increases. The more hosts in a network, the more opportunities for attackers, which is why users should pay attention to security vulnerabilities and address them as much as possible. In this context, self-assessment of how well a household is doing with IoT security is of great use. This paper proposes an easy-to-use and intuitive assessment tool to realize this idea.

Anomaly Detection to Protect Networks from Advanced Persistent Threats Using Adaptive Resonance AI Concepts

Syed Rizvi, Iyonna Williams, Tanner Flock and Travis Flock

Pennsylvania State University 

In this paper, we improve the Advanced Persistent Threats (APT) attack detection rate accuracy by using an artificial intelligence based anomalous intrusion detection that will be based on unsupervised learning techniques. This system will be mainly network-based with a thin layer running on the host device. We plan to mainly use an unsupervised artificial intelligence technique that utilizes Adaptive Resonance theory that will be paired with a signature based system that will filter anomalous data and significantly improve detection rates and decrease false positive rates compared to typical anomalous intrusion detection system. If proven here, this system could be applied to future Intrusion Detection Systems and have the ability to significantly increase overall network security for an organization.

Why Compliance is needed for Internet of Things?

Syed Rizvi, Shakir Campbell and Kieran Alden

Pennsylvania State University 

The Internet of Things (IoT) is a relatively new concept that has been coined and is now commonly used in the field of Information Technology (IT). This concept is defined as many things, but the simplest way to describe IoT is as the culmination of all of the new devices, systems, applications, technology, etc. that are connected and have the capability to transfer or transmit data without the need of a human or computer. This developing industry is expected to have billions of devices interconnected in the next few years. This growth is happening in all branches of traditional IT. Different divisions of IT, such as the financial division or medical division of IT, are already moving to the IoT. While this technological advancement is conceptually astounding, just like anything new in the world of IT, there arise many questions about the security of, or lack thereof, IoT. Furthermore, the lack of laws and regulations that will set standards for security on the IoT, similarly to how traditional IT has compliance laws for each of the divisions of IT (medical, retail, financial, industrial, etc.). The main purpose of this paper is not to come up with a solution to the lack of security compliance pertaining to the IoT, but identify that the lack of compliance laws for IoT is a problem and that traditional IT compliance laws will not work for the IoT unless modified. Instead, new compliance standards should be established to address the security and privacy concerns of IoT.

Security Analysis of a SOHO Wi-Fi router

Sandeep Romana, Jyostna Grandhi and Pr Lakshmi Eswari

Centre for Development of Advanced Computing, India

Wi-Fi-enabled Small Office/Home Office (SOHO) routers have become ubiquitous for having internet access in many network environments. With the advent of the ‘Internet of Things’ (IoT) and smart devices, almost all household devices are connected to the internet via these Wi-Fi-enabled SOHO routers. There have been numerous reports of security issues in SOHO routers because of known vulnerabilities. Except for enterprise networks, these devices acting as gateways are rarely safeguarded properly. The reasons for neglecting the security of these devices are many. Reports suggest that users often deploy these devices with insecure default configurations, leaving them as easy prey in the hands of malice users. Due to the easy exploitability, these devices have become attackers’ paradise. The security analysis of these devices is often overlooked and challenging to undertake because of various versions of custom Linux based firmware and bootloaders they use. The security analysis of these devices holds strategic importance as they act as a gateway to almost every household which has access to the internet. In this paper, we list down the software and hardware interfaces of SOHO routers important for security analysis. We present a network environment for carrying out the security analysis of these devices. An iterative approach using static & dynamic analysis is described. Further, the static & dynamic analysis is augmented with symbolic analysis. To validate the described procedures, we present the case study of performing security analysis on a Netis WF2411 router. 

Document Representations to improve Topic Modelling?

Peddineni Venkata Poojitha and Remya R.K. Menon

Amrita Vishwa Vidyapeetham, India

We collect lots of information from web applications every day. So it is difficult to understand or detect what the whole data is about. To detect, understand and summaries the information we need some specific tools and techniques like topic modelling which helps to analyze and identify the crisp of the data. This paper implements the sparsity-based dictionary representation with Topic Modeling. It organizes the data with meaningful structure by using machine learning algorithms like LDA (Linear Dirichlet Allocation) and OMP (Orthogonal Matching Pursuit) algorithms. It identifies a document to belong to which topic as well as similarity between documents in an existing dictionary. The OMP algorithm is the best algorithm for sparse approximation, With better accuracy, the OMP algorithm can identify the topics to which the input document[Y] is mostly related to across a large collection of text documents present in a dictionary


Lightning Talk

Blockchain-based Service Performance Evaluation Method Using Native Cloud Environment

Taeyoung Kim and Hyung-Jong Kim

Seoul Women’s University

This study presents a performance evaluation system that helps blockchain-based service planners make decisions. This system is offered as Docker and Kubernetes for portability and flexibility.

A Study on Reflecting User Experiences for Sensor-based Android IoT Services

Jae-Yoon Ahn, Bo-Min Kim and Hyung-Jong Kim

Seoul Women’s University

Through this research, it is possible to perform optional encryption based on the user-experience of the sensor inside the Android smartphones. We conducted an questionnaire survey, derived the user’s encryption selection rate, and based on this, designed a sensor DB based on the user’s experience. Based on the accumulated experience of the user, it can also influence the user’s decision to proceed with the subsequent encryption.