Browse Proceedings

Intersection attacks, which are popular traffic analysis attacks, have been extensively studied in anonymous point-to-point communication scenarios. These attacks are also known to be challenging threats to anonymous group communication, e.g., ...

Individuals are frequently confronted with privacy-related decisions under uncertainty especially in online contexts. The resulting privacy concerns are a decisive factor for individuals to (not) use online services. In order to support ...

We introduce a linkability attack variant on 5G AKA that we call the Replay In GUTI (RIG) attack. Our attack investigates the case where the temporary identifier GUTI is used for identification. Recalling that the GUTI-based identification is the ...

In recent years, Local differential privacy (LDP), as a strong privacy preserving methodology, has been widely deployed in real world applications. It allows the users to perturb their data locally on their own devices before being sent out for ...

Mobile networks are vital for modern societies. Recent generations of mobile communication systems have introduced increased security and privacy features to enhance their trust and reliability capabilities. Several well-known vulnerabilities, ...

The increased number of data breaches and sophisticated attacks have created a need for early detection mechanisms. Reports indicate that it may take up to 200 days to identify a data breach and entail average costs of up to $4.85 million. To cope ...

Trusted execution environments like Intel SGX allow developers to protect sensitive code in so-called enclaves. These enclaves protect their code and data even in the cases of a compromised OS. However, such enclaves have also been shown to be ...

With the rising popularity of cryptocurrencies and the increasing value of the whole industry, people are incentivized to join and earn revenues by cryptomining—using computational resources for cryptocurrency transaction verification. ...

Speech consists of voiced and unvoiced segments that differ in their production process and exhibit different characteristics. In this paper, we investigate the spectral differences between bonafide and spoofed speech for voiced and unvoiced ...$\mathrm{}$

Distributed Reflective Denial of Service (DRDoS) attacks exploit Internet facing devices with the purpose to involve them in DoS incidents. In turn, these devices unwittingly amplify and redirect the attack traffic towards the victim. As a result, ...

Modern computer networks are secured with a wide range of products, including firewalls, intrusion detection and prevention systems (IDS/IPS), and access control mechanisms. But despite the multiple layers of security, these measures can be ...

The last few decades have seen several hardware-level features to enhance security, but due to security, performance, and/or usability issues these features have attracted steady criticism. One such feature is the Intel Memory Protection ...

Attack generation from an abstract model of a protocol is not an easy task. We present BIFROST (Bifrost Implements Formally Reliable prOtocols for Security and Trust), a tool that takes an abstract model of a cryptographic protocol and outputs an ...

Interactive zero-knowledge systems are a very important cryptographic primitive, used in many applications, especially when deniability (also known as non-transferability) is desired. In the lattice-based setting, the currently most efficient ...

Figuring out whether a particular semantic functionality exists in a binary program is challenging. While pattern-matching-based detection is susceptible to syntactic changes of the code, formal equivalence proofs quickly hit complexity ...

Malware analysis techniques are divided into static and dynamic analysis. Both techniques can be bypassed by circumvention techniques such as obfuscation. In a series of works, the authors have promoted the use of symbolic executions combined with ...

Wearable devices are becoming more prevalent in the daily life of society, ranging from smartwatches, and fitness bracelets to accessories and headphones. These devices, both from their hardware manufacturing and wireless firmware development ...

Unmanned Aerial Vehicles (also known as drones) are an increasingly important source of forensic evidence, especially for commercial drones offered by the market leader DJI. The forensic analysis of this type of evidence, however, is still in its ...

The operational complexity and dynamicity of clouds highlight the importance of automated solutions for explaining the root cause of security incidents. Most existing works rely on human analysts to interpret provenance graphs for root causes of ...

Applying Cyber Threat Intelligence for active cyber defence, while potentially very beneficial, is currently limited to predominantly manual use. In this paper, we propose an automated approach for using Cyber Threat Intelligence during incident ...