While more organizations have been trying to move their infrastructure to the cloud in recent years, there have been significant challenges in the identity management in the hybrid cloud. This paper showcases a novel identity and access management ...

The advances in quantum computation are leading to higher computation capabilities, which is expected to reshape the cybersecurity environment. Quantum computers are expected to break most of the public-key security schemes, like RSA, Diffie-Hellman or ...

This paper investigates methods to secure Remote Terminal Units (RTUs) which are the building blocks of a smart grid systems - the next generation version to replace the power grid systems that are being used today. RTUs are identified as the heart of ...

In incident management, response and recovery actions are designed to effectively mitigate ongoing or future cyberattacks. A security playbook consists of a pipeline of instructions to document necessary response and recovery actions to deal with a ...

Increasingly evident safety risks due to attacks on safety-critical devices are causing new requirements for authentication of these devices’ human operators. These requirements have now extended to medical devices. However, authentication may also ...

Traffic categorization is considered of paramount importance in the network security sector, as well as the first stage in network anomaly detection, or in a network-based intrusion detection system (IDS). This paper introduces an artificial ...

Darknet marketplaces in the Tor network are popular places to anonymously buy and sell various kinds of illegal goods. Previous research on marketplaces ranged from analyses of type, availability and quality of goods to methods for identifying users. ...

Currently, digital media content is increasingly being used by cybercriminals for nefarious purposes. Such objects can be used, e.g., to covertly transfer malicious code to the infected host or to exfiltrate sensitive information from the secured ...

The popularity, variety, and number of Internet of Things (IoT) devices and solutions have been increasing significantly with each passing year. This diversity of devices, and limited computational, memory, and battery resources make it difficult to ...

An increasing trend exploits steganography to conceal payloads in digital images, e.g., to drop malicious executables or to retrieve configuration files. Due to the very attack-specific nature of the exploited hiding mechanisms, developing general ...

Times of crisis have long been combined with an increase in cybercrime, exploiting the general instability; therefore, in such times, systems and infrastructures face greater exposure to vulnerabilities. On top of that, the COVID-19 crisis has increased ...

Cryptojacking is one of the new threats that emerged several years ago with the growing popularity and increasing value of cryptocurrencies. In essence, it is a malicious technique where the attacker parasites on the victim’s resources like CPU time, ...

Access control languages are traditionally based on centralized trust models when achieving their security goals. One important reason for a lack of decentralized trust models for access control has been difficulties in referring to and accessing ...

The growing adoption of IT infrastructures determined a high heterogeneity of software systems. As matter of fact, the software is prone to vulnerabilities and cybersecurity problems, which are challenging to manage during the software lifecycle. The ...

What harms and consequences do patients experience after a medical data breach? This article aims at the improvement of privacy impact analysis for data breaches that involve personal medical data. The article has two major findings. First, scientific ...

In the past years Internet of Things (IoT) has received increasing attention by academia and industry due to the potential use in several human activities; however, IoT devices are vulnerable to various types of attacks. Many existing intrusion ...

Identification of cyber threats is one of the essential tasks for security teams. Currently, cyber threats can be identified using knowledge organized into various formats, enumerations, and knowledge bases. This paper studies the current challenges of ...

Challenge-response authentication is an essential and omnipresent network service. Thus, it is a lucrative target for attackers to transport covert information. We present two covert channels in nonce-based network authentication that allow the ...

PSA (Platform Security Architecture) Certified is a security certification scheme for IoT hardware, software, and devices. The scheme is composed of security certification (PSA Certified Level 1/2/3) and functional API certification (PSA Certified ...

Twitter is one of the popular social network platforms used by both humans and bots to share information, and to distribute misinformation or disinformation. The goal of this research is to explore state-of-the-art Twitter bot detection systems: ...