Search results

  1. Programming Experience Might Not Help in Comprehending Obfuscated Source Code Efficiently

    Norman Hänsch, Friedrich-Alexander-Universität Erlangen-Nürnberg; Andrea Schankin, Karlsruhe Institute of Technology; Mykolai Protsenko, Fraunhofer Institute for Applied and Integrated Security; Felix Freiling and Zinaida Benenson, Friedrich-Alexander-Uni ...

    admin - December 4, 2021 - 7:30 pm

  2. Developers Deserve Security Warnings, Too: On the Effect of Integrated Security Advice on Cryptographic API Misuse

    Peter Leo Gorski and Luigi Lo Iacono, Cologne University of Applied Sciences; Dominik Wermke and Christian Stransky, Leibniz University Hannover; Sebastian Möller, Technical University Berlin; Yasemin Acar, Leibniz University Hannover; Sascha Fahl, Ruhr-U ...

    admin - December 4, 2021 - 7:30 pm

  3. Mirror, Mirror, On the Wall: What are we Teaching Them All? Characterising the Focus of Cybersecurity Curricular Frameworks

    Joseph Hallett, Robert Larson, and Awais Rashid, University of Bristol Many cybersecurity curricular frameworks exist, but are they all equal? If a student takes a course based on one framework, what should they expect to get out of it? Different framewor ...

    admin - December 4, 2021 - 12:30 pm

  4. Teaching with angr: A Symbolic Execution Curriculum and CTF

    Jacob Springer and Wu-chang Feng, Portland State University Symbolic execution is an essential tool in modern program analysis and vulnerability discovery. The technique is used to both find and fix vulnerabilities as well as to identify and exploit them. ...

    admin - December 4, 2021 - 12:30 pm

  5. Hackerbot: Attacker Chatbots for Randomised and Interactive Security Labs, Using SecGen and oVirt

    Z. Cliffe Schreuders, Thomas Shaw, Aimée Mac Muireadhaigh, and Paul Staniforth, Leeds Beckett University Capture the flag (CTF) has been applied with success in cybersecurity education, and works particularly well when learning offensive techniques. Howev ...

    admin - December 4, 2021 - 12:30 pm

  6. Git-based CTF: A Simple and Effective Approach to Organizing In-Course Attack-and-Defense Security Competition

    challenge. In this paper, we propose a simple, but effective approach that we refer to as Git-based CTF to ...

    admin - December 4, 2021 - 12:30 pm

  7. Authenticity, Ethicality, and Motivation: A Formal Evaluation of a 10-week Computer Security Alternate Reality Game for CS Undergraduates

    John R. Morelock, Virginia Tech; Zachary Peterson, Cal Poly, San Luis Obispo Alternate reality games (ARGs) have been shown to have desirable characteristics for computer security education and student motivation. We implemented a 10-week-long ARG in an i ...

    admin - December 4, 2021 - 12:30 pm

  8. Phishing Attacks: Learning by Doing

    Tom Chothia, Stefan-Ioan Paiu, and Michael Oultram, Univ. of Birmingham Phishing, and particularly spear phishing, is a major security concern, however it is often not taught in any detail on security courses. Showing students examples of what they know t ...

    admin - December 4, 2021 - 12:30 pm

  9. InfoSec Cinema: Using Films for Information Security Teaching

    Jorge Blasco and Elizabeth A. Quaglia, Royal Holloway, University of London We present InfoSec Cinema, a film-based teaching activity that uses commercial films to teach information security. We analyse ten films to verify their suitability and build a pu ...

    admin - December 4, 2021 - 12:30 pm

  10. CLARK – The Cybersecurity Labs and Resource Knowledge-base – A Living Digital Library

    Melissa Dark, Purdue University; Sidd Kaza and Blair Taylor, Towson University It is clear that in order to address the cybersecurity education and workforce crisis, the challenges are not just numerous but also inextricably linked. The least of which inc ...

    admin - December 4, 2021 - 1:30 pm

  11. Lowering the Barriers to Industrial Control System Security with GRFICS

    David Formby, Georgia Institute of Technology and Fortiphyd Logic; Milad Rad, Georgia Institute of Technology; Raheem Beyah, Georgia Institute of Technology and Fortiphyd Logic Despite the abundance of free online resources and increased research into inn ...

    admin - December 4, 2021 - 1:30 pm

  12. King of the Hill: A Novel Cybersecurity Competition for Teaching Penetration Testing

    competition. In this paper, we present the design, implementation, and initial run of King of the Hill (KotH), ...

    admin - December 4, 2021 - 1:30 pm

  13. A Case Study-based Cybersecurity Ethics Curriculum

    and Masooda Bashir, University of Illinois at Urbana-Champaign This paper describes the rationale for ...

    admin - December 4, 2021 - 1:30 pm

  14. MultiFlow: Cross-Connection Decoy Routing using TLS 1.3 Session Resumption

    Victoria Manfredi and Pi Songkuntham, Wesleyan University Most approaches to circumventing Internet censorship and monitoring use conventional proxies which are accessed directly by their IP addresses and so are easily blocked. Decoy routing is an alterna ...

    admin - December 4, 2021 - 9:30 am

  15. Measuring the Political and Social Implications of Government-Initiated Cyber Shutdowns

    research paper reflects on two novel experimental designs that quantitatively measure how citizens respond ...

    admin - December 4, 2021 - 9:30 am

  16. Analyzing China's Blocking of Unpublished Tor Bridges

    Arun Dunna, Ciarán O'Brien, and Phillipa Gill, University of Massachusetts Amherst At the end of 2011, China's Great Firewall (GFW) began to block unpublished Tor bridges. Past studies of this blocking have found that the firewall implements bot ...

    admin - December 4, 2021 - 9:30 am

  17. From Russia With Crypto: A Political History of Telegram

    Nathalie Marechal, University of Southern California This paper offers a political history of ... The paper then analyzes Telegram’s ideology and politics by focusing, in turn, on Telegram’s emergence ...

    admin - December 4, 2021 - 9:30 am

  18. An analysis of automatic image filtering on WeChat Moments

    Jeffrey Knockel, Lotus Ruan, and Masashi Crete-Nishihata, Citizen Lab We report results from a series of experiments that uncover mechanisms used to filter images on WeChat, the most popular social media platform in China. Our results inform strategies fo ...

    admin - December 4, 2021 - 10:30 am

  19. Automatically Generating a Large, Culture-Specific Blocklist for China

    Austin Hounsel, Prateek Mittal, and Nick Feamster, Princeton University Internet censorship measurements rely on lists of websites to be tested, or “block lists” that are curated by third parties. Unfortunately, many of these lists are not public, and tho ...

    admin - December 4, 2021 - 10:30 am

  20. Exploring User Mental Models of End-to-End Encrypted Communication Tools

    Ruba Abu-Salma, University College London; Elissa M. Redmiles, University of Maryland; Blase Ur and Miranda Wei, University of Chicago End-to-end (E2E) encrypted communication tools can help users keep their communications secure from government or corpor ...

    admin - December 4, 2021 - 10:30 am

  21. A Bestiary of Blocking: The Motivations and Modes behind Website Unavailability

    and Mobin Javed, LUMS; Vern Paxson, ICSI and UC Berkeley This paper examines different reasons for web ...

    admin - December 4, 2021 - 10:30 am

  22. HSTS Supports Targeted Surveillance

    Paul Syverson and Matthew Traudt, U.S. Naval Research Laboratory HTTP Strict Transport Security (HSTS) was introduced to force clients to use HTTPS connections on sites that support it, thus preventing Man in the Middle and other attacks. HSTS has always ...

    admin - December 4, 2021 - 10:30 am

  23. A Cryptographic Airbag for Metadata: Protecting Business Records Against Unlimited Search and Seizure

    a time when more and more messages are being encrypted from end-to-end. In this paper, we present a new ...

    admin - December 4, 2021 - 10:30 am

  24. Malware Analysis Through High-level Behavior

    Xiyue Deng and Jelena Mirkovic, Information Sciences Institute, University of Southern California Malware is becoming more and more stealthy to evade detection and analysis. Stealth techniques often involve code transformation, ranging from equivalent cod ...

    admin - December 4, 2021 - 1:30 pm

  25. Cyber Operations Stress Survey (COSS): Studying fatigue, frustration, and cognitive workload in cybersecurity operations

    Josiah Dykstra and Celeste Lyn Paul, U.S. Department of Defense Operator stress is a common, persistent, and disabling effect of cyber operations and an important risk factor for performance, safety, and employee burnout. We designed the Cyber Operations ...

    admin - December 4, 2021 - 1:30 pm

Pages