November 2024
·
8 Reads
Computers & Security
February 2024
·
329 Reads
·
1 Citation
The rise of Large Language Models (LLMs) has revolutionized our comprehension of intelligence, bringing us closer to Artificial Intelligence. Since their introduction, researchers have actively explored the applications of LLMs across diverse fields, significantly elevating capabilities. Cybersecurity, traditionally resistant to data-driven solutions and slow to embrace machine learning, stands out as a domain. This study examines the existing literature, providing a thorough characterization of both defensive and adversarial applications of LLMs within the realm of cybersecurity. Our review not only surveys and categorizes the current landscape but also identifies critical research gaps. By evaluating both offensive and defensive applications, we aim to provide a holistic understanding of the potential risks and opportunities associated with LLM-driven cybersecurity.
October 2023
·
20 Reads
·
4 Citations
Computers & Security
January 2021
·
63 Reads
·
4 Citations
January 2018
·
462 Reads
·
22 Citations
Lecture Notes in Computer Science
The classification of vulnerabilities is a fundamental step to derive formal attributes that allow a deeper analysis. Therefore, this classification has to be performed in a timely and accurate manner. Since the current situation demands manual interaction in the classification process, timely processing becomes a serious issue. Thus, we propose an automated alternative to manual classification, because the number of vulnerabilities identified per day can no longer be processed manually. We implemented two different approaches that are able to automatically classify vulnerabilities based on the vulnerability description. We evaluated our approaches, which use Neural Networks and the Naive Bayes method respectively, on the basis of publicly known vulnerabilities.
October 2017
·
1,533 Reads
·
28 Citations
This paper discusses a new approach for designing and deploying Security-as-a-Service (SecaaS) applications using cloud native design patterns. Current SecaaS approaches are not designed to efficiently handle the increasing threats to computer systems and applications. For example, in the aftermath of a high-risk security vulnerability disclosure, requests for security assessments drastically increase, but SecaaS providers are not able to dynamically scale to serve these requests. A root cause of this challenge is the employment of software architectures not specifically fitted to cloud environments. Traditional approaches for developing and deploying monolithic applications on cloud platforms consist of bundling and deploying applications on cloud VMs. This approach hinders efficient scalability, i.e. monolithic applications generally scale vertically and attempts at horizontal scaling are expensive, since entire VMs are replicated for every additional instance provisioned. Cloud native design patterns, on the other hand, apply the microservices concept to decompose monolithic applications into smaller, independent components which are subsequently deployed as distributed systems. This approach brings enhanced productivity, massive scalability and reduced costs, since each component is managed and operated independently. For example, only components under heavy request pressure are scaled horizontally, which is cheaper and more efficient. Hence, these design patterns are trending, given that companies using them are gaining competitive advantages, e.g. Netflix and Uber. Similarly, research works investigating these design patterns are emerging. However, adopting cloud native design patterns is a complex process during which several security issues are introduced, yet these security implications are not being discussed.
In this work, we investigate these security challenges, and we redesign and deploy a monolithic SecaaS application using cloud native design patterns while considering appropriate, layered security counter-measures, i.e. at the application and cloud networking layer. Our prototype implementation out-performs traditional, monolithic applications with an average Scanner Time of 6 minutes, without compromising security. Our approach can be employed to provide scalable and secure security services suitable for the increasing security assessment demands.
December 2015
·
417 Reads
·
1 Citation
Security issues are still prevalent in cloud computing particularly public cloud. Efforts by Cloud Service Providers to secure out-sourced resources are not sufficient to gain trust from customers. Service Level Agreements (SLAs) are currently used to guarantee security and privacy, however research into SLAs monitoring suggests levels of dissatisfaction from cloud users. Accordingly, enterprises favor private clouds such as OpenStack as they offer more control and security visibility. However, private clouds do not provide absolute security, they share some security challenges with public clouds and eliminate other challenges. Security metrics based approaches such as quantitative security assessments could be adopted to quantify security value of private and public clouds. Software quantitative security assessments provide extensive visibility into security postures and help assess whether or not security has improved or deteriorated. In this paper we focus on private cloud security using OpenStack as a case study, we conduct a quantitative assessment of OpenStack based on empirical data. Our analysis is multi-faceted, covering OpenStack major releases and services. We employ security metrics to determine the vulnerability density, vulnerability severity metrics and patching behavior. We show that OpenStack’s security has improved since inception, however concerted efforts are imperative for secure deployments, particularly in production environments.
December 2015
·
1,178 Reads
·
11 Citations
Vulnerability scanners are deployed in computer networks and software to identify security flaws and misconfigurations in a timely manner. However, cloud computing has introduced new attack vectors that require a commensurate change of vulnerability assessment strategies. To investigate the effectiveness of these scanners in cloud environments, we first conduct a quantitative security assessment of OpenStack’s vulnerability lifecycle and discover severe risk levels resulting from prolonged patch release duration. More specifically, there are long time lags between OpenStack patch releases and patch inclusion in vulnerability scanning engines. This scenario introduces sufficient time for malicious actions and creation of exploits such as zero-days. Mitigating these concerns requires systems with current knowledge of events within the vulnerability lifecycle. However, current vulnerability scanners are designed to depend on information about publicly announced vulnerabilities, which mostly includes only vulnerability disclosure dates. Accordingly, we propose a framework that would mitigate these risks by gathering and correlating information from several security information sources including exploit databases, malware signature repositories and Bug Tracking Systems. The information is thereafter used to automatically generate plugins armed with current information about zero-day exploits and unknown vulnerabilities. We have characterized two new security metrics to describe the discovered risks.
December 2015
·
201 Reads
·
8 Citations
Security issues are still prevalent in cloud computing particularly public cloud. Efforts by Cloud Service Providers to secure out-sourced resources are not sufficient to gain trust from customers. Service Level Agreements (SLAs) are currently used to guarantee security and privacy, however research into SLAs monitoring suggests levels of dissatisfaction from cloud users. Accordingly, enterprises favor private clouds such as OpenStack as they offer more control and security visibility. However, private clouds do not provide absolute security, they share some security challenges with public clouds and eliminate other challenges. Security metrics based approaches such as quantitative security assessments could be adopted to quantify security value of private and public clouds. Software quantitative security assessments provide extensive visibility into security postures and help assess whether or not security has improved or deteriorated. In this paper we focus on private cloud security using OpenStack as a case study, we conduct a quantitative assessment of OpenStack based on empirical data. Our analysis is multi-faceted, covering OpenStack major releases and services. We employ security metrics to determine the vulnerability density, vulnerability severity metrics and patching behavior. We show that OpenStack's security has improved since inception, however concerted efforts are imperative for secure deployments, particularly in production environments.
March 2009
·
18 Reads
·
3 Citations
This paper proposes a new federated authentication platform based on the Lock-Keeper system, which is a simple implementation of the high-level security concept "physical separation". An integrated federated authentication gateway is realized within the Lock-Keeper components and deployed on the border between different security domains, which enables users to use their own digital identities for accessing services provided by external collaborating partners. User identities, credentials and all kinds of security tokens required by the authentication can be handled well by being physically isolated from the outside. All direct network connections to the target security domain are disabled by the Lock-Keeper's inherent sluice principle, while normal electronic transactions and businesses can still be performed through the corresponding Lock-Keeper application modules. A number of known standards related to Web service security are implemented and can be reliably enforced in the isolated environment of the proposed framework.
... Motlagh et al. also explore the adversarial and defensive use cases for LLMs [16]. The authors outline the various ways in which LLMs are already misused, such as gathering information to prepare an attack (reconnaissance), gaining unauthorized access to target systems, evading detection, and creating malicious code. ...
February 2024
... Graph-based reputation propagation has played a key role in enhancing threat detection within Endpoint Detection and Response systems. By leveraging file-based relationship graphs alongside reputation propagation, these methods effectively identify malicious software [4,5,25,31,44,48,65]. Industry solutions such as Mastino [54], Polonium [3], and AESOP [61] have all implemented variations of graph-based guilt-by-association techniques to detect malware. ...
October 2023
Computers & Security
... For example, Blanco-Gonzalo et al. [4] summarized a user perspective UX assessment of biometric systems. Kohler et al. [11] reported the results of a comparative evaluation of biometric authentication system as an alternative to password from reliability, security and usability perspectives. Eastwood et al. [8] examined the risk assessment technique of the biometrics based on the Technology Gap Theory. ...
January 2021
... Huang et al. have utilized deep neural network methods for the automatic classification of vulnerabilities into various vulnerability categories using the NVD database [48]. Another work done by Ruohonen et al. utilizes a Naïve Bayes algorithm for vulnerability classification [49], [50]. Wåreus et al. present an automatic process of matching CVE summaries with CPEs through the machine learning task called Named Entity Recognition (NER) [51]. ...
January 2018
Lecture Notes in Computer Science
... Virtualisation technologies, such as 5G O-RAN, enable mapping virtual machines (VMs) and containers to physical resources. This facilitates designing and deploying novel SecaaS algorithms and features for future C-ITS [103]. However, this new architecture poses security concerns, especially when users lose physical control over their computation and data. ...
October 2017
... Caron et al. [26] proposed a security metric designed for cloud environments and using this metric, came up with optimized placements of VMs in line with user security requirements. Torkura et al. [27] performed a quantitative analysis on how security metrics could be used to improve cloud security, using OpenStack as a case study. Alhebaishi et al. [10] modeled cross-layer and co-residency attacks in the NFV stack and used optimized VM placement to mitigate such attacks. ...
Reference:
Towards 5G-ready Security Metrics
December 2015
... It was noted that the majority of currently conducted studies concentrated on identifying risks and recommending their countermeasure strategies without providing any severity rankwise reference for a specific danger over the architecture of the cloud [23]. Subashini and Kavita [24] talked about internal security issues relating to the interface API of web services and web browsers for accessing various services in the same year. In addition to discussing the multi-tenancy issue, this paper stressed the existence of authorization mechanisms, weak authentication, segregation, and weekly data isolation, which significantly influence the 3 most crucial security parameters: confidentiality, availability, and integrity [25]. ...
December 2015
... Currently, the commercial version of Lock-Keeper has already been developed and is now vended by Siemens [2]. Two different types of Lock-Keeper are available, the SingleGate and the DualGate [16] Lock-Keeper. To briefly explain how the Lock-Keeper works, a SingleGate Lock-Keeper system is introduced. ...
January 2003
... Currently, the commercial version of Lock-Keeper has already been developed and is now vended by Siemens [2]. Two different types of Lock-Keeper are available, the SingleGate and the DualGate [16] Lock-Keeper. To briefly explain how the Lock-Keeper works, a SingleGate Lock-Keeper system is introduced. ...
January 2003