Computer Security: ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT, Luxembourg City, Luxembourg, September 26–27, 2019 Revised Selected Papers (Security and Cryptology)

CyberICPS 2019 Preface
CyberICPS 2019 Organization
SECPRE 2019 Preface
SECPRE 2019 Organization
SPOSE 2019 Preface
SPOSE 2019 Organization
ADIoT 2019 Preface
ADIoT 2019 Organization
Contents
CyberICPS Workshop
Anomaly Detection for Industrial Control Systems Using Sequence-to-Sequence Neural Networks
1 Introduction
2 Proposed Method
2.1 SWaT Dataset
2.2 Data Preprocessing
2.3 Sequence-to-Sequence Neural Networks
2.4 Measuring Prediction Error
2.5 Anomaly Decision Using Prediction Errors
3 Experiment
3.1 Training
3.2 Anomaly Detection
4 Analysis of Experimental Results
4.1 Analysis on False Negative (Undetected Attacks)
4.2 Analysis on False Positives (False Alarms)
5 Conclusion
References
Reflective Attenuation of Cyber-Physical Attacks
1 Introduction
2 Related Work
2.1 Attack Tolerance
2.2 Programmable Networking
2.3 Programmable Reflection
3 Preliminaries
3.1 System Model
3.2 Adversary Model
4 Our Approach
5 Experimental Results
6 Conclusion
References
Distributed UCON in CoAP and MQTT Protocols
1 Introduction
2 Background
2.1 iot Protocols
2.2 Usage Control
3 Introducing Distributed ucon in coap and mqtt
3.1 Architecture
3.2 ucon in coap
4 Experimental Evaluation of Our Framework
4.1 Example of Use Case
4.2 Implementation
4.3 Testbed and Timing Evaluation
5 Related Work
6 Conclusion
References
Towards the Creation of a Threat Intelligence Framework for Maritime Infrastructures
1 Introduction
2 Maritime Security
3 MAINFRAME Technologies
3.1 VERACITY
3.2 Threat Detection
3.3 Honeypots
3.4 Blockchain
3.5 Threat Visualization
4 Liquefied Natural Gas Carrier
5 Conclusion
References
Connect and Protect: Requirements for Maritime Autonomous Surface Ship in Urban Passenger Transportation
1 Introduction
2 Related Work
3 The APS Ecosystem
3.1 System Context
3.2 APS Stakeholders
3.3 Regulations, Standards, and Guidelines
3.4 APS Functions
4 Communication and Cybersecurity Requirements
4.1 Requirements Deriving from the Regulators' Perspective
4.2 Requirements Deriving from the Classification Society's Perspective
4.3 Requirements Deriving from the Service Providers' Perspective
4.4 Requirements Deriving from the Users' Perspective
5 Conclusion and Future Work
References
Simulation-Based Evaluation of DDoS Against Smart Grid SCADAs
Abstract
1 Introduction
2 State-of-the-Art Review
2.1 ICS Security
2.2 Denial of Service
2.3 ICS Testbeds
3 Problem Definition
4 System Architecture
4.1 Smart Grid ICS Testbed
4.2 SCADA Architecture
4.3 ICS DDoS Simulator
5 Experiments
5.1 Experiment #1: Zero Bots
5.2 Experiment #2: 1 Bot
5.3 Experiment #3: 5 Bots
6 Conclusion
Acknowledgment
References
Identifying Safety and Human Factors Issues in Rail Using IRIS and CAIRIS
1 Introduction
2 Related Work
2.1 Security and Safety Challenges in Rail Infrastructure
2.2 Bridging Security, Safety, and Human Factors
2.3 IRIS and CAIRIS
3 Approach
3.1 Asset Modelling and Their Associations
3.2 Roles and Attacker Personas
3.3 Vulnerabilities Identification and Threat Modelling
3.4 Risk Analysis
3.5 Task and Goal-Obstacle Modelling
3.6 Identification of Safety Hazards
3.7 Human Factors Analysis
4 Case Study - Polish Tram Incident
4.1 Asset Modelling and Their Associations
4.2 Roles and Attacker Personas
4.3 Vulnerabilities Identification and Threat Modelling
4.4 Risk Analysis
4.5 Task and Goal-Obstacle Modelling
4.6 Identification of Safety Hazards
4.7 Human Factors Analysis
5 Discussion and Conclusion
References
SECPRE Workshop
How Not to Use a Privacy-Preserving Computation Platform: Case Study of a Voting Application
1 Introduction
2 State of the Art
3 System Architecture
4 Voting
5 Tally
6 Conclusions
References
A Proposed Privacy Impact Assessment Method Using Metrics Based on Organizational Characteristics
Abstract
1 Introduction
2 Literature Review
3 The Proposed Security and Privacy Impact Assessment Method
3.1 Scope of the Proposed Method
3.2 Theoretical Background
3.2.1 Data Sets Definitions
3.2.2 The Role of Privacy Principles, Privacy and Security Requirements
3.3 Quantification of Security and Privacy Requirements
3.3.1 Security Requirements and Data Sets’ Sensitivity
3.3.2 Privacy Requirements and Principles
3.4 The Proposed PIA Method
4 Conclusions
Acknowledgment
References
A Conceptual Redesign of a Modelling Language for Cyber Resiliency of Healthcare Systems
Abstract
1 Introduction
2 Background
2.1 Healthcare Cyber Resiliency
2.2 Security-Oriented Modelling Languages
3 Redesign Decisions and Challenges
3.1 Justification for the Use of Secure Tropos
3.2 Redesign Challenges
3.3 Healthcare Cyber Resiliency Challenges
3.4 Conceptual Metamodel Redesign
3.5 Incident Redesign
3.6 Healthcare Redesign
3.7 Resiliency Redesign
4 Case Study
5 Conclusions
References
Shaping Digital Identities in Social Networks: Data Elements and the Role of Privacy Concerns
Abstract
1 Introduction
2 Forming Digital Identities in Social Networks
3 Research Design
3.1 Research Hypotheses
3.2 Research Model
3.3 Survey Design
3.4 Sampling and Survey Execution
3.5 Research Validation
4 Analysis of Survey Results
4.1 Users’ Understanding of Digital Identity
4.2 Findings on H1: The Effect of Privacy Concerns on Digital Identity Formation
4.3 Findings on H2 and H3: Social Network Influence on Digital Identity Formation and Privacy Concerns
5 Discussion
6 Conclusions and Further Research
Acknowledgement
References
GDPR Compliance: Proposed Technical and Organizational Measures for Cloud Providers
Abstract
1 Introduction
2 GDPR Requirements
2.1 Material and Territorial Scope
2.2 Data Protection Principles
2.3 Consent
2.4 Children – Parental Consent
2.5 Sensitive Data and Lawful Processing
2.6 Information Notices
2.7 Subject Access, Rectification and Portability
2.8 Rights to Object
2.9 Right to Erasure and Right to Restriction of Processing
2.10 Profiling and Automated Decision-Taking
2.11 Accountability, Security and Breach Notification
3 Countermeasures Depending on the Cloud Architecture
3.1 GDPR Roles and Cloud Architectures
3.2 Infrastructure as a Service
3.3 Platform as a Service
3.4 Software as a Service
4 Conclusions
Acknowledgment
References
On the Applicability of Security and Privacy Threat Modeling for Blockchain Applications
1 Introduction
2 Background
3 Blockchain Threat Types
4 Compatibility Assessment
5 Conclusion
References
Privacy, Security, Legal and Technology Acceptance Requirements for a GDPR Compliance Platform
Abstract
1 Introduction
2 The Defend Project and Its Position in the Industry
2.1 Industry State of the Art
2.2 Literature State of the Art
2.3 The DEFeND Project
3 An Holistic Engineering Approach: Functional, Privacy, Security, Legal and Acceptance Needs
3.1 Stakeholder Analysis
3.2 Privacy and Security Needs
3.3 Legal Needs
3.4 Technology Acceptance Needs
4 A Methodology to Elicit Software Requirements for a GDPR Compliance Platform
4.1 Preparation of Questionnaires
4.2 Validation of Questionnaires
4.3 Data Collection Approach
4.4 Data Analysis Approach
5 Eliciting Requirements for a GDPR Compliance Platform
5.1 Functional and Privacy/Security Requirements
5.2 Legal Requirements
5.3 Acceptance Requirements
6 Requirements’ Engineering for a GDPR Compliance Platform: Lessons Learned
6.1 Academic Implications
6.2 Industrial Implications
7 Conclusions
Acknowledgments
References
Uncertainty-Aware Authentication Model for IoT
Abstract
1 Introduction
2 Background and Related Work
3 Proposed Model
4 Methodology
4.1 Dataset Synthesis
4.2 Prediction Models for Authentication
5 Results and Discussion
6 Conclusion and Future Work
From ISO/IEC 27002:2013 Information Security Controls to Personal Data Protection Controls: Guidelines for GDPR Compliance
1 Introduction
2 Background Information: Challenges in Personal Data Protection in the GDPR Era
3 ISO27001 Certification and the ISO27k Standards
4 From Information Security Controls to Personal Data Protection Controls
4.1 Enhancing Information Security Policies with Data Protection Policies
4.2 Extending Organisation of Information Security with Personal Data Protection Structures and Roles
4.3 Expanding Controls on Human Resources Security to Protect Personal Data Handled by Employees
4.4 Enhancing Asset Management with Personal Data Management
4.5 Implementing Data Protection-by-Design and -by-Default in Access Control
4.6 Employing Cryptography
4.7 Enhancing Communications Security with Personal Data Protection Objectives
4.8 Acquiring, Developing and Maintaining Systems Following Data Protection Principles
4.9 Managing Supplier Relationships While Protecting Personal Data
4.10 Including Data Breach Notification in Incident Management
4.11 Enhancing Compliance to Satisfy Lawfulness of Processing
4.12 Modules that Support GDPR Compliance
5 Enhancing the ISMS Framework with Personal Data Protection Risks Management
6 Conclusions
References
SPOSE Workshop
On the Trade-Off Between Privacy and Utility in Mobile Services: A Qualitative Study
1 Introduction
2 Motivation and Background
3 Methodology
3.1 Study Approaches and Participants
3.2 Scenarios and Data Collection
4 Results
4.1 Factors Contributing to the Trade-Off
4.2 Desired Adoption of, and Trust in, The Privacy-Preserving Technologies
4.3 Privacy Concerns Across Cultures
5 Discussion
References
Analysis of Automation Potentials in Privacy Impact Assessment Processes
1 Introduction
2 Related Work
3 Envisioned System Architecture
4 Process Analysis
4.1 Preparation Stage
4.2 Evaluation Stage
4.3 Report and Safeguards Stage
5 Discussion
References
An Insight into Decisive Factors in Cloud Provider Selection with a Focus on Security
1 Introduction
2 Related Work
2.1 Security Assurance
2.2 CP Selection
2.3 Security, Threat Models and Compliance
3 Methodology
3.1 Sample Selection and Conduction of Interviews
3.2 Data Analysis
4 Interview Results
4.1 The Role of Security in CP Selection
4.2 Reasons for Moderate Interest in Security
4.3 Verification of Providers' Security Measures
4.4 Compliance and the General Data Protection Regulation
5 Discussion
5.1 Threats to Validity and Limitations
6 Conclusion
References
Discrete Event Simulation of Jail Operations in Pursuit of Organizational Culture Change
Abstract
1 Introduction
1.1 Conditions of Confinement and Facility Operations
1.2 Jail Versus Prison
1.3 Drivers of Jail Design
1.4 The New York City Jail System
1.5 Factors Driving the Conceptual Design (See Appendix A, Fig. 1)
1.6 Operational Validation (See Appendix A, Fig. 5)
1.7 How We Proceeded
2 Conceptual Design
2.1 Housing Unit Layout (See Appendix A, Figs. 3 and 4)
2.2 Glazed End Wall (See Appendix A, Figs. 10, 11, 12 and 13)
2.3 Mezzanine Walkways and Stairs (See Appendix A, Figs. 3, 4, 12 and 13)
2.4 Housing Support (See Appendix A, Figs. 3 and 4)
2.5 Contact Visitation (See Appendix A, Fig. 3)
2.6 Services Mall (See Appendix A, Fig. 4)
2.7 Rated Stair Towers (See Appendix A, Fig. 2)
3 A Different Approach
3.1 Detainee Movement (See Appendix A, Figs. 6, 7 and 8)
3.2 Why a New Approach
3.3 Institutional Culture in the Jails
3.4 Psychological Drivers in Jails
4 Simulations for Design that Helps Generate Positive Organizational Culture
4.1 Validity of Simulations (See Appendix A, Fig. 5)
4.2 Stair Tower Bottlenecks (See Appendix A, Figs. 2, 6, 7 and 8)
4.3 Adjusting Model Parameters
4.4 Log Jams (See Appendix A, Figs. 3, 4, 6, 7 and 8)
4.5 Direction of Movement (See Appendix A, Figs. 6, 7 and 8)
4.6 Additional Mitigation Strategies
4.7 Key Performance Indicators (See Appendix A, Fig. 9)
4.8 Future Work
5 Conclusions
Appendix A
References
ADIoT Workshop
A Basic Theory of Lightweight Hierarchical Key Predistribution Scheme
1 Introduction
1.1 Motivation
1.2 Our Contribution
1.3 Organization
2 Preliminary
2.1 Key Predistribution Scheme: An Overview
2.2 Hierarchical KPS (HKPS)
2.3 Evaluation Metrics
2.4 Combinatorial Designs and KPS
3 A Deterministic Hierarchical KPS
3.1 Hierarchical Design and HKPS
3.2 A Product Based HKPS
3.3 A Hash Chain Based HKPS (HC-HKPS)
4 Instantiation to a Selected KPS
4.1 Sensornet ch21DS17
4.2 Instantiation to Sensornet
5 Conclusion
References
Adversarial Examples for Hardware-Trojan Detection at Gate-Level Netlists
1 Introduction
2 Related Works
2.1 Hardware Trojan and Its Detection Utilizing Neural Networks
2.2 Adversarial Example
3 AE Attacks on Hardware Design
3.1 Scenario of the AE Attacks
3.2 Trojan-Net Concealment Degree and Modification Evaluating Value
3.3 Modification Method
4 Experiments
4.1 Experimental Setup
4.2 Six AE Patterns
4.3 Evaluation Without the Amount of Modifications
4.4 Evaluation with the Amount of Modifications
5 Conclusion
References
Selective Forwarding Attack on IoT Home Security Kits
1 Introduction
2 Related Work
3 Methodology
4 Results
4.1 Heartbeats in Swann
4.2 Heartbeats in D-Link Hub
4.3 Heartbeats in D-Link Camera
4.4 Heartbeats in Panasonic
4.5 Heartbeats in Telldus
4.6 Heartbeats in Samsung SmartThings
4.7 Summary
5 Threat Model
5.1 Wi-Fi Attacks
5.2 DNS Server Hijacking
5.3 Network Attacks
5.4 Automated Attack Against Swann Using Evil-Twin Wi-Fi AP
6 Discussion
6.1 Recommendations and Countermeasures
6.2 Responsible Disclosure Exercise
7 Conclusion
References
Denial-of-Service Attacks and Countermeasures in the RPL-Based Internet of Things
1 Introduction
2 Background
2.1 IoT Reference Model and Attack Vectors
2.2 RPL Protocol: Overview
3 Related Work
4 Implementing IoT Attacks in Cooja
4.1 Scenarios
4.2 Simulation Parameters and Metrics
4.3 Simulation Results
5 Proposed Threshold-Based IDS
5.1 IDS Architecture and Components
5.2 Attack Detection Methods
5.3 Border Router
6 IDS Evaluation
6.1 Implemented Algorithms
6.2 Metrics and Simulation Configuration
6.3 Scenarios and Topologies
6.4 Results
7 Conclusion and Future Work
References
Study of DNS Rebinding Attacks on Smart Home Devices
1 Introduction
2 DNS Rebinding Attack
2.1 High-Level Concept
2.2 Attack Methods
2.3 Countermeasures
2.4 Requirements
3 Descriptions of Experiments
3.1 Attacker Model
3.2 Experimental Setup
3.3 DNS Rebinding on Websites in the Wild
4 Results
4.1 Smart Home Devices
4.2 Measuring DNS Rebinding Attempts on Popular Websites
5 Discussion
6 Related Work
7 Conclusion
References
Anomaly Detection in the HVAC System Operation by a RadViz Based Visualization-Driven Approach
1 Introduction
2 Related Work
3 Visualization-Driven Approach
3.1 RadViz Visualization of the HVAC Data
3.2 Supplementary Visualization Models
4 Case Study and Discussion
5 Conclusions
References
Secure Location Verification: Why You Want Your Verifiers to Be Mobile
1 Introduction
2 System Model and Notation
2.1 Problem Statement
2.2 System Model
2.3 Threat Model
2.4 Use Cases
3 Location Verification Protocol (MoVers)
3.1 Controlled Mobility
4 Security Analysis
4.1 Single Verifier
4.2 Two Verifiers
4.3 More Verifiers or More Transmissions
5 Coordinated Controlled Mobility
6 Uncoordinated Mobility
6.1 Simulation Design
6.2 Parameter Selection
6.3 Opportunistic/Random Mobility
6.4 Uncoordinated Controlled Mobility
7 Related Work
8 Conclusion
References
Author Index