Information Systems Security and Privacy (Communications in Computer and Information Science)

Preface
Organization
Contents
ICScope: Detecting and Measuring Vulnerable ICS Devices Exposed on the Internet
1 Introduction
2 Background and Related Works
2.1 Industrial Control System
2.2 Device Search Engines
2.3 Related Work
3 Motivation and Challenges
3.1 Motivation
3.2 Technical Challenges
4 ICScope
4.1 Architecture
4.2 Data Acquisition
4.3 Information Extraction
4.4 Vulnerability Association
5 Demystifying Internet-Facing ICS Devices Security Status
5.1 Data Collection
5.2 Accuracy Validation
5.3 The Honeypots in Internet-facing ICS Devices
5.4 The Advantage of Multiple Device Search Engines
5.5 The ICS Devices Affected by Public Vulnerabilities
5.6 The Statistics of ICS Vulnerabilities
5.7 The ICS Devices Affected by 0day Vulnerabilities
5.8 Comparison with Shodan Vulnerability Detection
5.9 The Security Status Trend of Exposed and Vulnerable ICS Devices
6 Discussion
7 Conclusion
References
Zero Update Encryption Adjustment on Encrypted Database Queries
1 Introduction
2 Preliminaries
2.1 Onion and Multi-layers Encryption
2.2 Encryption Adjustment Policies
2.3 Simple Encryption Adjustment
2.4 Release-Aware Encryption Adjustment
3 Zero Update Encryption Adjustment Case Study
4 Zero Update Encryption Adjustment Assessment
4.1 Variable Assessment
4.2 Comparing with Different Databases
5 Computational Load of Zero Update Encryption Adjustment
6 Performance and Security Analysis
6.1 Performance Analysis
6.2 Security Analysis
7 Experiments with Large Scale Dataset
8 Related Work
9 Summary
References
Evaluating Consumer Understanding and Awareness of Connected and Autonomous Vehicle Data Privacy
1 Introduction
2 Related Work
2.1 The Importance of Vehicular Data Privacy
2.2 The Education of the Consumer
2.3 Obtaining Consumer Trust
2.4 Consulting the Consumer in Research
3 Data Privacy Materials Available to the Consumer
4 Assessing Consumer Awareness
4.1 Consumer Survey
4.2 Focus Group
5 Results
5.1 Consumer Survey
5.2 Focus Group
6 Conclusions and Recommendations
6.1 Limitations and Future Work
References
Improving Data Security and Privacy for Ontology Based Data Access
1 Introduction
2 Related Work
3 Data Model-Independent Access Control
4 A Use Case for Healthcare Domain
4.1 Hospital Database
4.2 Hospital Ontology
4.3 Hospital Policy Ontology
4.4 Mappings Between the Database and Ontology
4.5 SPARQL Queries
5 Conclusions and Future Work
References
Experimentally Obtained Differential-Linear Distinguishers for Permutations of ASCON and DryGASCON
1 Introduction
2 Preliminaries
2.1 Ascon
2.2 DryGASCON
2.3 Undisturbed Bits
2.4 Truncated Differential Cryptanalysis
2.5 Linear Cryptanalysis
3 Differential-Linear Cryptanalysis
3.1 Differential-Linear Distinguishers for Ascon
3.2 Differential-Linear Distinguishers for DryGASCON
4 Conclusions
References
A Game Theoretic Approach to the Design of Mitigation Strategies for Generic Ransomware
1 Introduction
2 Background and Literature Review
3 Generic Ransomware
3.1 The Threat Landscape Involving Generic Ransomware
3.2 The Game Model for Generic Ransomware
4 Basic Results for Generic Ransomware
4.1 Conditions for Decision Making
4.2 Solutions Obtained Through Equilibrium Conditions and Strategies
4.3 Sensitivity Analysis to Validate the Results
4.4 Prescriptive Solution
5 A Special Case: APT Type Ransomware
6 Conclusions and Future Work
References
Author Index