@Preamble{"\input bibnames.sty" #
"\ifx \undefined \booktitle \def \booktitle #1{{{\em #1}}} \fi" #
"\ifx \undefined \TM \def \TM {${}^{\sc TM}$} \fi"
}
@String{ack-nhfb = "Nelson H. F. Beebe,
University of Utah,
Department of Mathematics, 110 LCB,
155 S 1400 E RM 233,
Salt Lake City, UT 84112-0090, USA,
Tel: +1 801 581 5254,
FAX: +1 801 581 4148,
e-mail: \path|beebe@math.utah.edu|,
\path|beebe@acm.org|,
\path|beebe@computer.org| (Internet),
URL: \path|http://www.math.utah.edu/~beebe/|"}
@String{j-DTRAP = "Digital Threats: Research and Practice
(DTRAP)"}
@Article{Lakhotia:2020:DTR,
author = "Arun Lakhotia and Leigh Metcalf",
title = "Digital Threats: Research and Practice Inaugural Issue
Editorial",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "1:1--1:3",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3380320",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3380320",
acknowledgement = ack-nhfb,
articleno = "1",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Cormack:2020:IFS,
author = "Andrew Cormack and Jeroen {Van der Ham}",
title = "Introduction to the {FIRST} Special Issue",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "2:1--2:3",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3380746",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3380746",
acknowledgement = ack-nhfb,
articleno = "2",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Durvaux:2020:SPP,
author = "Fran{\c{c}}ois Durvaux and Marc Durvaux",
title = "{SCA-Pitaya}: a Practical and Affordable Side-Channel
Attack Setup for Power Leakage-Based Evaluations",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "3:1--3:16",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3371393",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3371393",
abstract = "Athough side-channel attacks appeared more than two
decades ago, they remain very little discussed by
security professionals outside the academia or very
specific sectors (e.g., smartcard industry,
governments). However, with the increasing \ldots{}",
acknowledgement = ack-nhfb,
articleno = "3",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{VanderToorn:2020:LBH,
author = "Olivier {Van der Toorn} and Anna Sperotto",
title = "Looking Beyond the Horizon: Thoughts on Proactive
Detection of Threats",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "4:1--4:13",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3373639",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3373639",
abstract = "The Internet exposes us to cyberthreats attacking
information, services, and the Internet infrastructure
itself. Such attacks are typically detected in a
reactive fashion. The downside of this approach is that
alerts of an attack are issued as it is \ldots{}",
acknowledgement = ack-nhfb,
articleno = "4",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Tien:2020:MLF,
author = "Chin-Wei Tien and Shang-Wen Chen and Tao Ban and
Sy-Yen Kuo",
title = "Machine Learning Framework to Analyze {IoT} Malware
Using {ELF} and Opcode Features",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "5:1--5:19",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3378448",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3378448",
abstract = "Threats to devices that are part of the Internet of
Things (IoT) are on the rise. Owing to the overwhelming
diversity of IoT hardware and software, as well as its
variants, conventional anti-virus techniques based on
the Windows paradigm cannot be \ldots{}",
acknowledgement = ack-nhfb,
articleno = "5",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Kohlrausch:2020:ASS,
author = "Jan Kohlrausch and Eugene A. Brin",
title = "{ARIMA} Supplemented Security Metrics for Quality
Assurance and Situational Awareness",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "6:1--6:21",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3376926",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3376926",
abstract = "Quality assurance and situational awareness are
important areas of interest for CSIRTs and security
teams. Significant efforts have been made on defining
metrics measuring critical parameters for these fields
of application. However, methodical \ldots{}",
acknowledgement = ack-nhfb,
articleno = "6",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sacher:2020:FFP,
author = "Desiree Sacher",
title = "Fingerpointing False Positives: How to Better
Integrate Continuous Improvement into Security
Monitoring",
journal = j-DTRAP,
volume = "1",
number = "1",
pages = "7:1--7:7",
month = mar,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3370084",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Apr 7 12:42:02 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3370084",
abstract = "Security incidents created during the security
continuous monitoring process (ISCM, NIST 800-137 [1])
can be a valuable source for improving company
processes and an efficient reference for budget
planning if used correctly. The idea presented in this
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "7",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Waked:2020:SST,
author = "Louis Waked and Mohammad Mannan and Amr Youssef",
title = "The Sorry State of {TLS} Security in Enterprise
Interception Appliances",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "8:1--8:26",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3372802",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3372802",
abstract = "Network traffic inspection, including TLS traffic, in
enterprise environments is widely practiced. Reasons
for doing so are primarily related to improving
enterprise security (e.g., phishing and malicious
traffic detection) and meeting legal \ldots{}",
acknowledgement = ack-nhfb,
articleno = "8",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Shukla:2020:TUI,
author = "Diksha Shukla and Partha Pratim KUNDU and Ravichandra
Malapati and Sujit Poudel and Zhanpeng Jin and Vir V.
Phoha",
title = "Thinking Unveiled: an Inference and Correlation Model
to Attack {EEG} Biometrics",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "9:1--9:29",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3374137",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3374137",
abstract = "Very few studies have explored linkages between
physiological, such as electroencephalograph (EEG), and
behavioral patterns, such as wrist movements. These
linkages provide us a unique mechanism to predict one
set of patterns from other related \ldots{}",
acknowledgement = ack-nhfb,
articleno = "9",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Gajrani:2020:VVV,
author = "Jyoti Gajrani and Meenakshi Tripathi and Vijay Laxmi
and Gaurav Somani and Akka Zemmari and Manoj Singh
Gaur",
title = "{Vulvet}: Vetting of Vulnerabilities in {Android} Apps
to Thwart Exploitation",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "10:1--10:25",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3376121",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3376121",
abstract = "Data security and privacy of Android users is one of
the challenging security problems addressed by the
security research community. A major source of the
security vulnerabilities in Android apps is attributed
to bugs within source code, insecure APIs, \ldots{}",
acknowledgement = ack-nhfb,
articleno = "10",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Cai:2020:TOA,
author = "Yegui Cai and George O. M. Yee and Yuan Xiang Gu and
Chung-Horng Lung",
title = "Threats to Online Advertising and Countermeasures: a
Technical Survey",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "11:1--11:27",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3374136",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3374136",
abstract = "Online advertising, also known as web advertising or
Internet marketing, is the means and process of
promoting products and services on the Internet, and it
has been one of the important business models for the
Internet. Due to its lucrative nature and \ldots{}",
acknowledgement = ack-nhfb,
articleno = "11",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Zhou:2020:FNE,
author = "Xinyi Zhou and Atishay Jain and Vir V. Phoha and Reza
Zafarani",
title = "Fake News Early Detection: a Theory-driven Model",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "12:1--12:25",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3377478",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3377478",
abstract = "Massive dissemination of fake news and its potential
to erode democracy has increased the demand for
accurate fake news detection. Recent advancements in
this area have proposed novel techniques that aim to
detect fake news by exploring how it \ldots{}",
acknowledgement = ack-nhfb,
articleno = "12",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Koot:2020:FNC,
author = "Matthijs Koot",
title = "Field Note on {CVE-2019-11510}: Pulse Connect Secure
{SSL-VPN} in {The Netherlands}",
journal = j-DTRAP,
volume = "1",
number = "2",
pages = "13:1--13:7",
month = jul,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3382765",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sun Jul 12 11:50:01 MDT 2020",
bibsource = "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/abs/10.1145/3382765",
abstract = "This Field Note describes the case of a critical
unauthenticated RCE vulnerability in an SSL-VPN product
that remained unpatched at a large scale-up and until
after exploits became public. Approximately 14,500
systems worldwide were reportedly unpatched at the end
of August 2019. Two weeks after exploits emerged in
public, both GCHQ and NSA released notices that the
vulnerability was being exploited by APT actors. The
present Field Note describes observations from the
Netherlands and includes reflections in an attempt to
stimulate thinking on how to improve the status quo,
such as through coordinated proactive measures by
CSIRTs.",
acknowledgement = ack-nhfb,
articleno = "13",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Burton:2020:ULT,
author = "Ren{\'e}e Burton",
title = "Unsupervised Learning Techniques for Malware
Characterization: Understanding Certain {DNS}-based
{DDoS} Attacks",
journal = j-DTRAP,
volume = "1",
number = "3",
pages = "14:1--14:26",
month = sep,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3377869",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:08 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3377869",
abstract = "This article details data science research in the area
of Cyber Threat Intelligence applied to a specific type
of Distributed Denial of Service (DDoS) attack. We
study a DDoS technique prevalent in the Domain Name
System (DNS) for which little malware \ldots{}",
acknowledgement = ack-nhfb,
articleno = "14",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Scofield:2020:AML,
author = "Daniel Scofield and Craig Miles and Stephen Kuhn",
title = "Automated Model Learning for Accurate Detection of
Malicious Digital Documents",
journal = j-DTRAP,
volume = "1",
number = "3",
pages = "15:1--15:21",
month = sep,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3379505",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:08 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3379505",
abstract = "Modern cyber attacks are often conducted by
distributing digital documents that contain malware.
The approach detailed herein, which consists of a
classifier that uses features derived from dynamic
analysis of a document viewer as it renders the
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "15",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Laurenza:2020:MTE,
author = "Giuseppe Laurenza and Riccardo Lazzeretti and Luca
Mazzotti",
title = "Malware Triage for Early Identification of Advanced
Persistent Threat Activities",
journal = j-DTRAP,
volume = "1",
number = "3",
pages = "16:1--16:17",
month = sep,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3386581",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:08 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3386581",
abstract = "In the past decade, a new class of cyber-threats,
known as ``Advanced Persistent Threat'' (APT), has
emerged and has been used by different organizations to
perform dangerous and effective attacks against
financial and politic entities, critical \ldots{}",
acknowledgement = ack-nhfb,
articleno = "16",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Steinhauser:2020:DTI,
author = "Anton{\'\i}n Steinhauser and Petr Tuma",
title = "Database Traffic Interception for Graybox Detection of
Stored and Context-sensitive {XSS}",
journal = j-DTRAP,
volume = "1",
number = "3",
pages = "17:1--17:23",
month = sep,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3399668",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:08 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3399668",
abstract = "Cross site scripting (XSS) is a type of a security
vulnerability that permits injecting malicious code
into the client side of a web application. In the
simplest situations, XSS vulnerabilities arise when a
web application includes the user input in the
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "17",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Gutzwiller:2020:GOS,
author = "Robert Gutzwiller and Josiah Dykstra and Bryan Payne",
title = "Gaps and Opportunities in Situational Awareness for
Cybersecurity",
journal = j-DTRAP,
volume = "1",
number = "3",
pages = "18:1--18:6",
month = sep,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3384471",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:08 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3384471",
abstract = "Demand is present among security practitioners for
improving cyber situational awareness (SA), but
capability and assessment have not risen to match. SA
is an integral component of cybersecurity for everyone
from individuals to business to response \ldots{}",
acknowledgement = ack-nhfb,
articleno = "18",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Perdisci:2020:IAS,
author = "Roberto Perdisci and Martina Lindorfer and Adam
Doup{\'e} and Andrea Lanzi and Alexandros Kapravelos
and Gianluca Stringhini",
title = "Introduction to the {ACSAC'19} Special Issue --- {Part
1}",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "19e:1--19e:3",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3437251",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3437251",
acknowledgement = ack-nhfb,
articleno = "19e",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Agadakos:2020:LSD,
author = "Ioannis Agadakos and Nicholas Demarinis and Di Jin and
Kent Williams-King and Jearson Alfajardo and Benjamin
Shteinfeld and David Williams-King and Vasileios P.
Kemerlis and Georgios Portokalidis",
title = "Large-scale Debloating of Binary Shared Libraries",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "19:1--19:28",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3414997",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3414997",
abstract = "Developers nowadays have access to an arsenal of
toolkits and libraries for rapid application
prototyping. However, when an application loads a
library, the entirety of that library's code is mapped
into the process address space, even if only a single
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "19",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Palit:2020:MDO,
author = "Tapti Palit and Fabian Monrose and Michalis
Polychronakis",
title = "Mitigating Data-only Attacks by Protecting
Memory-resident Sensitive Data",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "20:1--20:26",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419475",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419475",
abstract = "Gaining reliable arbitrary code execution through the
exploitation of memory corruption vulnerabilities is
becoming increasingly more difficult in the face of
modern exploit mitigations. Facing this challenge,
adversaries have started shifting their \ldots{}",
acknowledgement = ack-nhfb,
articleno = "20",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Chevalier:2020:ISC,
author = "Ronny Chevalier and David Plaquin and Chris Dalton and
Guillaume Hiet",
title = "Intrusion Survivability for Commodity Operating
Systems",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "21:1--21:30",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419471",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419471",
abstract = "Despite the deployment of preventive security
mechanisms to protect the assets and computing
platforms of users, intrusions eventually occur. We
propose a novel intrusion survivability approach to
withstand ongoing intrusions. Our approach relies on an
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "21",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Osman:2020:SAA,
author = "Tousif Osman and Mohammad Mannan and Urs Hengartner
and Amr Youssef",
title = "Securing Applications against Side-channel Attacks
through Resource Access Veto",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "22:1--22:29",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3416124",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3416124",
abstract = "Apps on modern mobile operating systems can access
various system resources with, or without, an explicit
user permission. Although the OS generally maintains
strict separation between apps, an app can still get
access to another app's private \ldots{}",
acknowledgement = ack-nhfb,
articleno = "22",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Karim:2020:ADA,
author = "Imtiaz Karim and Fabrizio Cicala and Syed Rafiul
Hussain and Omar Chowdhury and Elisa Bertino",
title = "{ATFuzzer}: Dynamic Analysis Framework of {AT}
Interface for {Android} Smartphones",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "23:1--23:29",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3416125",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3416125",
abstract = "Application processors of modern smartphones use the
AT interface for issuing high-level commands (or
AT-commands) to the baseband processor for performing
cellular network operations (e.g., placing a phone
call). Vulnerabilities in this interface can \ldots{}",
acknowledgement = ack-nhfb,
articleno = "23",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sanchez-Rola:2020:CPT,
author = "Iskander Sanchez-Rola and Davide Balzarotti and Igor
Santos",
title = "Cookies from the Past: Timing Server-side Request
Processing Code for History Sniffing",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "24:1--24:24",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419473",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419473",
abstract = "Cookies were originally introduced as a way to provide
state awareness to websites, and they are now one of
the backbones of the current web. However, their use is
not limited to store the login information or to save
the current state of user browsing. \ldots{}",
acknowledgement = ack-nhfb,
articleno = "24",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Ukrop:2020:WYT,
author = "Martin Ukrop and Lydia Kraus and Vashek Matyas",
title = "Will You Trust This {TLS} Certificate?: Perceptions of
People Working in {IT} (Extended Version)",
journal = j-DTRAP,
volume = "1",
number = "4",
pages = "25:1--25:29",
month = dec,
year = "2020",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419472",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:09 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419472",
abstract = "Flawed TLS certificates are not uncommon on the
Internet. While they signal a potential issue, in most
cases they have benign causes (e.g., misconfiguration
or even deliberate deployment). This adds fuzziness to
the decision on whether to trust a \ldots{}",
acknowledgement = ack-nhfb,
articleno = "25",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Perdisci:2021:IAS,
author = "Roberto Perdisci and Martina Lindorfer and Adam
Doup{\'e} and Andrea Lanzi and Alexandros Kapravelos
and Gianluca Stringhini",
title = "Introduction to the {ACSAC'19} Special Issue --- Vol.
2",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "1:1--1:2",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3437253",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3437253",
acknowledgement = ack-nhfb,
articleno = "1",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Desmet:2021:POS,
author = "Lieven Desmet and Jan Spooren and Thomas Vissers and
Peter Janssen and Wouter Joosen",
title = "{Premadoma}: an Operational Solution to Prevent
Malicious Domain Name Registrations in the {\tt .eu}
{TLD}",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "2:1--2:24",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419476",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419476",
abstract = "DNS is one of the most essential components of the
Internet, mapping domain names to the IP addresses
behind almost every online service. Domain names are
therefore also a fundamental tool for attackers to
quickly locate and relocate their malicious \ldots{}",
acknowledgement = ack-nhfb,
articleno = "2",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Nakatsuka:2021:PPD,
author = "Yoshimichi Nakatsuka and Andrew Paverd and Gene
Tsudik",
title = "{PDoT}: Private {DNS}-over-{TLS} with {TEE} Support",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "3:1--3:22",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3431171",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3431171",
abstract = "Security and privacy of the Internet Domain Name
System (DNS) have been longstanding concerns. Recently,
there is a trend to protect DNS traffic using Transport
Layer Security (TLS). However, at least two major
issues remain: (1) How do clients \ldots{}",
acknowledgement = ack-nhfb,
articleno = "3",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Genc:2021:CMG,
author = "Ziya Alper Gen{\c{c}} and Gabriele Lenzini and Daniele
Sgandurra",
title = "Cut-and-Mouse and Ghost Control: Exploiting Antivirus
Software with Synthesized Inputs",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "4:1--4:23",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3431286",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3431286",
abstract = "To protect their digital assets from malware attacks,
most users and companies rely on antivirus (AV)
software. AVs' protection is a full-time task against
malware: This is similar to a game where malware, e.g.,
through obfuscation and polymorphism, \ldots{}",
acknowledgement = ack-nhfb,
articleno = "4",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Usui:2021:ARE,
author = "Toshinori Usui and Yuto Otsuki and Tomonori Ikuse and
Yuhei Kawakoya and Makoto Iwamura and Jun Miyoshi and
Kanta Matsuura",
title = "Automatic Reverse Engineering of Script Engine
Binaries for Building Script {API} Tracers",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "5:1--5:31",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3416126",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3416126",
abstract = "Script languages are designed to be easy-to-use and
require low learning costs. These features provide
attackers options to choose a script language for
developing their malicious scripts. This diversity of
choice in the attacker side unexpectedly \ldots{}",
acknowledgement = ack-nhfb,
articleno = "5",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sikder:2021:ACA,
author = "Amit Kumar Sikder and Leonardo Babun and A. Selcuk
Uluagac",
title = "{Aegis+}: a Context-aware Platform-independent
Security Framework for Smart Home Systems",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "6:1--6:33",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3428026",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3428026",
abstract = "The introduction of modern Smart Home Systems (SHSs)
is redefining the way we perform everyday activities.
Today, myriad SHS applications and the devices they
control are widely available to users. Specifically,
users can easily download and install the \ldots{}",
acknowledgement = ack-nhfb,
articleno = "6",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Dash:2021:SAA,
author = "Pritam Dash and Mehdi Karimibiuki and Karthik
Pattabiraman",
title = "Stealthy Attacks against Robotic Vehicles Protected by
Control-based Intrusion Detection Techniques",
journal = j-DTRAP,
volume = "2",
number = "1",
pages = "7:1--7:25",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3419474",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3419474",
abstract = "Robotic vehicles (RV) are increasing in adoption in
many industrial sectors. RVs use auto-pilot software
for perception and navigation and rely on sensors and
actuators for operating autonomously in the physical
world. Control algorithms have been used \ldots{}",
acknowledgement = ack-nhfb,
articleno = "7",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Amiet:2021:BVP,
author = "Nils Amiet",
title = "Blockchain Vulnerabilities in Practice",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "8:1--8:7",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3407230",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/bitcoin.bib;
http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3407230",
abstract = "Blockchains are not invulnerable. There are known
vulnerabilities in various blockchain ecosystem
components. This field note describes some
vulnerabilities observed in smart contracts and node
software, their exploitation, and how to avoid them,
with a \ldots{}",
acknowledgement = ack-nhfb,
articleno = "8",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Zafarani:2021:IRT,
author = "Reza Zafarani and Huan Liu and Vir V. Phoha and Javad
Azimi",
title = "Inroduction on Recent Trends and Perspectives in Fake
News Research",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "13:1--13:3",
month = mar,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3448634",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Tue Mar 30 16:33:10 MDT 2021",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3448634",
acknowledgement = ack-nhfb,
articleno = "13",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Konstantinovskiy:2021:TAF,
author = "Lev Konstantinovskiy and Oliver Price and Mevan
Babakar and Arkaitz Zubiaga",
title = "Toward Automated Factchecking: Developing an
Annotation Schema and Benchmark for Consistent
Automated Claim Detection",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "14:1--14:16",
month = jun,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3412869",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:29:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3412869",
abstract = "In an effort to assist factcheckers in the process of
factchecking, we tackle the claim detection task, one
of the necessary stages prior to determining the
veracity of a claim. It consists of identifying the set
of sentences, out of a long text, deemed \ldots{}",
acknowledgement = ack-nhfb,
articleno = "14",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Datta:2021:PSS,
author = "Pratim Datta and Mark Whitmore and Joseph K. Nwankpa",
title = "A Perfect Storm: Social Media News, Psychological
Biases, and {AI}",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "15:1--15:21",
month = jun,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3428157",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:29:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3428157",
abstract = "In an age where news information is created by
millions and consumed by billions over social media
(SM) every day, issues of information biases, fake
news, and echo-chambers have dominated the corridors of
technology firms, news corporations, policy \ldots{}",
acknowledgement = ack-nhfb,
articleno = "15",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Valecha:2021:FNS,
author = "Rohit Valecha and Srikrishna Krishnarao Srinivasan and
Tejaswi Volety and K. Hazel Kwon and Manish Agrawal and
H. Raghav Rao",
title = "Fake News Sharing: an Investigation of Threat and
Coping Cues in the Context of the {Zika} Virus",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "16:1--16:16",
month = jun,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3410025",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:29:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3410025",
abstract = "Fake news has become a growing problem for societies,
spreading virally and transforming into harmful impacts
in social networks. The problem of fake news is even
more troubling in the healthcare context. In the
healthcare literature, it has been well \ldots{}",
acknowledgement = ack-nhfb,
articleno = "16",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Huang:2021:IRW,
author = "Teng-Chieh Huang and Razieh Nokhbeh Zaeem and K.
Suzanne Barber",
title = "Identifying Real-world Credible Experts in the
Financial Domain",
journal = j-DTRAP,
volume = "2",
number = "2",
pages = "17:1--17:14",
month = jun,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3446783",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:29:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3446783",
abstract = "Establishing a solid mechanism for finding credible
and trustworthy people in online social networks is an
important first step to avoid useless, misleading, or
even malicious information. There is a body of existing
work studying trustworthiness of \ldots{}",
acknowledgement = ack-nhfb,
articleno = "17",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{VanDerHam:2021:TBU,
author = "Jeroen {Van Der Ham}",
title = "Toward a Better Understanding of ``Cybersecurity''",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "18:1--18:3",
month = sep,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3442445",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3442445",
abstract = "The term ``cybersecurity'' has gained widespread
popularity but has not been defined properly. The term
is used by many different people to mean different
things in different contexts. A better understanding of
``cybersecurity'' will allow us a better \ldots{}",
acknowledgement = ack-nhfb,
articleno = "18",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Metcalf:2021:EDB,
author = "Leigh Metcalf and Jonathan M. Spring",
title = "The Ecosystem of Detection and Blocklisting of Domain
Generation",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "19:1--19:22",
month = sep,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3423951",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3423951",
abstract = "Malware authors use domain generation algorithms to
establish more reliable communication methods that can
avoid reactive defender blocklisting techniques.
Network defense has sought to supplement blocklists
with methods for detecting machine-generated \ldots{}",
acknowledgement = ack-nhfb,
articleno = "19",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Jacobs:2021:EPS,
author = "Jay Jacobs and Sasha Romanosky and Benjamin Edwards
and Idris Adjerid and Michael Roytman",
title = "{Exploit Prediction Scoring System (EPSS)}",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "20:1--20:17",
month = jul,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3436242",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3436242",
abstract = "Despite the large investments in information security
technologies and research over the past decades, the
information security industry is still immature when it
comes to vulnerability management. In particular, the
prioritization of remediation \ldots{}",
acknowledgement = ack-nhfb,
articleno = "20",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Lamp:2021:ECA,
author = "Josephine Lamp and Carlos E. Rubio-Medrano and Ziming
Zhao and Gail-Joon Ahn",
title = "\pkg{ExSol}: Collaboratively Assessing Cybersecurity
Risks for Protecting Energy Delivery Systems",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "21:1--21:23",
month = jul,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3428156",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3428156",
abstract = "No longer just prophesied about, cyber-attacks to
Energy Delivery Systems (EDS) (e.g., the power grid,
gas and oil industries) are now very real dangers that
result in non-trivial economical losses and
inconveniences to modern societies. In such a
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "21",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Happa:2021:ADS,
author = "Jassim Happa and Ioannis Agrafiotis and Martin
Helmhout and Thomas Bashford-Rogers and Michael
Goldsmith and Sadie Creese",
title = "Assessing a Decision Support Tool for {SOC} Analysts",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "22:1--22:35",
month = sep,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3430753",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3430753",
abstract = "It is difficult to discern real-world consequences of
attacks on an enterprise when investigating
network-centric data alone. In recent years, many tools
have been developed to help understand attacks using
visualisation, but few aim to predict real-. \ldots{}",
acknowledgement = ack-nhfb,
articleno = "22",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Kumar:2021:TAG,
author = "Rajesh Kumar and Can Isik and Vir V. Phoha",
title = "{Treadmill Assisted Gait Spoofing (TAGS)}: an Emerging
Threat to Wearable Sensor-based Gait Authentication",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "23:1--23:17",
month = sep,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3442151",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3442151",
abstract = "In this work, we examine the impact of Treadmill
Assisted Gait Spoofing on Wearable Sensor-based Gait
Authentication (WSGait). We consider more realistic
implementation and deployment scenarios than the
previous study, which focused only on the \ldots{}",
acknowledgement = ack-nhfb,
articleno = "23",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Iliou:2021:DAW,
author = "Christos Iliou and Theodoros Kostoulas and Theodora
Tsikrika and Vasilis Katos and Stefanos Vrochidis and
Ioannis Kompatsiaris",
title = "Detection of Advanced {Web} Bots by Combining {Web}
Logs with Mouse Behavioural Biometrics",
journal = j-DTRAP,
volume = "2",
number = "3",
pages = "24:1--24:26",
month = sep,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3447815",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3447815",
abstract = "Web bots vary in sophistication based on their
purpose, ranging from simple automated scripts to
advanced web bots that have a browser fingerprint,
support the main browser functionalities, and exhibit a
humanlike behaviour. Advanced web bots are \ldots{}",
acknowledgement = ack-nhfb,
articleno = "24",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Dykstra:2021:INS,
author = "Josiah Dykstra and Neil Rowe and Timothy Shimeall and
Angela Horneman and Marisa Midler",
title = "Introduction: On the Nature of Situational Awareness",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "25:1--25:3",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3462334",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3462334",
acknowledgement = ack-nhfb,
articleno = "25",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Ring:2021:MHB,
author = "John H. Ring and Colin M. {Van Oort} and Samson Durst
and Vanessa White and Joseph P. Near and Christian
Skalka",
title = "Methods for Host-based Intrusion Detection with Deep
Learning",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "26:1--26:29",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3461462",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3461462",
abstract = "Host-based Intrusion Detection Systems (HIDS)
automatically detect events that indicate compromise by
adversarial applications. HIDS are generally formulated
as analyses of sequences of system events such as bash
commands or system calls. Anomaly-based. \ldots{}",
acknowledgement = ack-nhfb,
articleno = "26",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Samtani:2021:ICT,
author = "Sagar Samtani and Weifeng Li and Victor Benjamin and
Hsinchun Chen",
title = "Informing Cyber Threat Intelligence through Dark {Web}
Situational Awareness: The {AZSecure} Hacker Assets
Portal",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "27:1--27:10",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3450972",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3450972",
abstract = "To increase situational awareness, major cybersecurity
platforms offer Cyber Threat Intelligence (CTI) about
emerging cyber threats, key threat actors, and their
modus operandi. However, this intelligence is often
reactive, as it analyzes event log files \ldots{}",
acknowledgement = ack-nhfb,
articleno = "27",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Aksoy:2021:DLC,
author = "Sinan G. Aksoy and Emilie Purvine and Stephen J.
Young",
title = "Directional {Laplacian} Centrality for Cyber
Situational Awareness",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "28:1--28:28",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3450286",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3450286",
abstract = "Cyber operations is drowning in diverse, high-volume,
multi-source data. To get a full picture of current
operations and identify malicious events and actors,
analysts must see through data generated by a mix of
human activity and benign automated \ldots{}",
acknowledgement = ack-nhfb,
articleno = "28",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Happa:2021:DND,
author = "Jassim Happa and Thomas Bashford-Rogers and Alastair
Janse {Van Rensburg} and Michael Goldsmith and Sadie
Creese",
title = "Deception in Network Defences Using Unpredictability",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "29:1--29:26",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3450973",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3450973",
abstract = "In this article, we propose a novel method that aims
to improve upon existing moving-target defences by
making them unpredictably reactive using probabilistic
decision-making. We postulate that unpredictability can
improve network defences in two key \ldots{}",
acknowledgement = ack-nhfb,
articleno = "29",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Aleroud:2021:ANT,
author = "Ahmed Aleroud and Fan Yang and Sai Chaithanya
Pallaprolu and Zhiyuan Chen and George Karabatis",
title = "Anonymization of Network Traces Data through
Condensation-based Differential Privacy",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "30:1--30:23",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3425401",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3425401",
abstract = "Network traces are considered a primary source of
information to researchers, who use them to investigate
research problems such as identifying user behavior,
analyzing network hierarchy, maintaining network
security, classifying packet flows, and much \ldots{}",
acknowledgement = ack-nhfb,
articleno = "30",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Metcalf:2021:ESI,
author = "Leigh Metcalf",
title = "Editorial on the Special Issue on Election Security",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "31:1--31:1",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3471534",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3471534",
acknowledgement = ack-nhfb,
articleno = "31",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Glazer:2021:MSL,
author = "Amanda K. Glazer and Jacob V. Spertus and Philip B.
Stark",
title = "More Style, Less Work: Card-style Data Decrease
Risk-limiting Audit Sample Sizes",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "32:1--32:15",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3457907",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3457907",
abstract = "U.S. elections rely heavily on computers such as voter
registration databases, electronic pollbooks, voting
machines, scanners, tabulators, and results reporting
websites. These introduce digital threats to election
outcomes. Risk-limiting audits (. \ldots{}",
acknowledgement = ack-nhfb,
articleno = "32",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Mccorry:2021:SVB,
author = "Patrick Mccorry and Maryam Mehrnezhad and Ehsan
Toreini and Siamak F. Shahandashti and Feng Hao",
title = "On Secure E-Voting over Blockchain",
journal = j-DTRAP,
volume = "2",
number = "4",
pages = "33:1--33:13",
month = dec,
year = "2021",
CODEN = "????",
DOI = "https://doi.org/10.1145/3461461",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:57 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/bitcoin.bib;
http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3461461",
abstract = "This article discusses secure methods to conduct
e-voting over a blockchain in three different settings:
decentralized voting, centralized remote voting, and
centralized polling station voting. These settings
cover almost all voting scenarios that occur \ldots{}",
acknowledgement = ack-nhfb,
articleno = "33",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Anonymous:2022:ISI,
author = "Anonymous",
title = "Introduction to the Special Issue on Insider Threats",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "1:1--1:3",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3477501",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3477501",
acknowledgement = ack-nhfb,
articleno = "1",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Zimmer:2022:IDN,
author = "Ephraim Zimmer and Christian Burkert and Hannes
Federrath",
title = "Insiders Dissected: New Foundations and a
Systematisation of the Research on Insiders",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "2:1--2:35",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3473674",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3473674",
abstract = "The insider threat is often cited as one of the most
challenging threats for security practitioners. Even
though this topic is receiving considerable attention,
two main problems remain unsolved. First, research on
insider threats is focusing on many \ldots{}",
acknowledgement = ack-nhfb,
articleno = "2",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Williams:2022:RIA,
author = "Adam D. Williams and Shannon N. Abbott and Nathan
Shoman and William S. Charlton",
title = "Results From Invoking Artificial Neural Networks to
Measure Insider Threat Detection \& Mitigation",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "3:1--3:20",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3457909",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3457909",
abstract = "Advances on differentiating between malicious intent
and natural ``organizational evolution'' to explain
observed anomalies in operational workplace patterns
suggest benefit from evaluating collective behaviors
observed in the facilities to improve insider
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "3",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sticha:2022:SOD,
author = "Paul J. Sticha and Tirso E. Diaz and Elise T. Axelrad
and Sean D. Vermillion and Dennis M. Buede",
title = "Simulating Organizational Data from Redacted Input for
Inference Enterprise Modeling",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "4:1--4:30",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3457910",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3457910",
abstract = "Organizations that use data to assess insider threats,
or other workforce outcomes, need to evaluate the
quality of their assessment methods. This evaluation
relies on an accurate representation of the predictors
and criterion variables within the \ldots{}",
acknowledgement = ack-nhfb,
articleno = "4",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Zheng:2022:UDM,
author = "Panpan Zheng and Shuhan Yuan and Xintao Wu",
title = "Using {Dirichlet} Marked {Hawkes} Processes for
Insider Threat Detection",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "5:1--5:19",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3457908",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3457908",
abstract = "Malicious insiders cause significant loss to
organizations. Due to an extremely small number of
malicious activities from insiders, insider threat is
hard to detect. In this article, we present a Dirichlet
Marked Hawkes Process (DMHP) to detect malicious
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "5",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Bromander:2022:ISC,
author = "Siri Bromander and Morton Swimmer and Lilly Pijnenburg
Muller and Audun J{\o}sang and Martin Eian and Geir
Skj{\o}tskift and Fredrik Borg",
title = "Investigating Sharing of Cyber Threat Intelligence and
Proposing A New Data Model for Enabling Automation in
Knowledge Representation and Exchange",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "6:1--6:22",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3458027",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3458027",
abstract = "For a strong, collective defense in the digital
domain, we need to produce, consume, analyze, and share
cyber threat intelligence. With an increasing amount of
available information, we need automation to ensure
adequate efficiency. We present the results \ldots{}",
acknowledgement = ack-nhfb,
articleno = "6",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Mainardi:2022:PAC,
author = "Nicholas Mainardi and Alessandro Barenghi and Gerardo
Pelosi",
title = "Privacy-aware Character Pattern Matching over
Outsourced Encrypted Data",
journal = j-DTRAP,
volume = "3",
number = "1",
pages = "7:1--7:38",
month = mar,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3462333",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Wed Mar 2 07:28:58 MST 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3462333",
abstract = "Providing a method to efficiently search into
outsourced encrypted data, without forsaking strong
privacy guarantees, is a pressing concern rising from
the separation of data ownership and data management
typical of cloud-based applications. While several
\ldots{}",
acknowledgement = ack-nhfb,
articleno = "7",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Rodriguez:2022:ISI,
author = "Ricardo J. Rodr{\'\i}guez and Xabier Ugarte-Pedrero
and Juan Tapiador",
title = "Introduction to the Special Issue on Challenges and
Trends in Malware Analysis",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "8:1--8:2",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3536319",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3536319",
acknowledgement = ack-nhfb,
articleno = "8",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{deWit:2022:DDM,
author = "J. S. Panman de Wit and D. Bucur and J. van der Ham",
title = "Dynamic Detection of Mobile Malware Using Smartphone
Data and Machine Learning",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "9:1--9:24",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3484246",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3484246",
abstract = "Mobile malware are malicious programs that target
mobile devices. They are an increasing problem, as seen
with the rise of detected mobile malware samples per
year. The number of active smartphone users is expected
to grow, stressing the importance of \ldots{}",
acknowledgement = ack-nhfb,
articleno = "9",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{DElia:2022:EDB,
author = "Daniele Cono D'Elia and Lorenzo Invidia and Federico
Palmaro and Leonardo Querzoni",
title = "Evaluating Dynamic Binary Instrumentation Systems for
Conspicuous Features and Artifacts",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "10:1--10:13",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3478520",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3478520",
abstract = "Dynamic binary instrumentation (DBI) systems are a
popular solution for prototyping heterogeneous program
analyses and monitoring tools. Several works from
academic and practitioner venues have questioned the
transparency of DBI systems, with anti-. \ldots{}",
acknowledgement = ack-nhfb,
articleno = "10",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Filho:2022:ECT,
author = "Ailton Santos Filho and Ricardo J. Rodr{\'\i}guez and
Eduardo L. Feitosa",
title = "Evasion and Countermeasures Techniques to Detect
Dynamic Binary Instrumentation Frameworks",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "11:1--11:28",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3480463",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3480463",
abstract = "Dynamic Binary Instrumentation (DBI) is a dynamic
analysis technique that allows arbitrary code to be
executed when a program is running. DBI frameworks have
started to be used to analyze malicious applications.
As a result, different approaches have \ldots{}",
acknowledgement = ack-nhfb,
articleno = "11",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Perdisci:2022:IAS,
author = "Roberto Perdisci and Martina Lindorfer and Gianluca
Stringhini",
title = "Introduction to the {ACSAC'20} Special Issue",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "12:1--12:2",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3534708",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3534708",
acknowledgement = ack-nhfb,
articleno = "12",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Alder:2022:FPU,
author = "Fritz Alder and Jo {Van Bulck} and Jesse Spielman and
David Oswald and Frank Piessens",
title = "Faulty Point Unit: {ABI} Poisoning Attacks on Trusted
Execution Environments",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "13:1--13:26",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3491264",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib;
http://www.math.utah.edu/pub/tex/bib/fparith.bib",
URL = "https://dl.acm.org/doi/10.1145/3491264",
abstract = "This article analyzes a previously overlooked attack
surface that allows unprivileged adversaries to impact
floating-point computations in enclaves through the
Application Binary Interface (ABI). In a comprehensive
study across 7 industry-standard and esearch enclave
shielding runtimes for Intel Software Guard Extensions
(SGX), we show that control and state registers of the
x87 Floating-Point Unit (FPU) and Intel Streaming SIMD
Extensions are not always properly sanitized on enclave
entry. We furthermore show that this attack goes beyond
the x86 architecture and can also affect RISC-V
enclaves. Focusing on SGX, we abuse the adversary's
control over precision and rounding modes as an ABI
fault injection primitive to corrupt enclaved
floating-point operations. Our analysis reveals that
this is especially relevant for applications that use
the older x87 FPU, which is still under certain
conditions used by modern compilers. We exemplify the
potential impact of ABI quality-degradation attacks for
enclaved machine learning and for the SPEC benchmarks.
We then explore the impact on confidentiality, showing
that control over exception masks can be abused as a
controlled channel to recover enclaved multiplication
operands. Our findings, affecting 5 of 7 studied SGX
runtimes and one RISC-V runtime, demonstrate the
challenges of implementing high-assurance trusted
execution across computing architectures.",
acknowledgement = ack-nhfb,
articleno = "13",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Rosso:2022:SMT,
author = "Martin Rosso and Michele Campobasso and Ganduulga
Gankhuyag and Luca Allodi",
title = "{SAIBERSOC}: a Methodology and Tool for Experimenting
with Security Operation Centers",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "14:1--14:29",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3491266",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3491266",
abstract = "In this article, we introduce SAIBERSOC (Synthetic
Attack Injection to Benchmark and Evaluate the
Performance of Security Operation Centers), a tool and
methodology enabling security researchers and operators
to evaluate the performance of deployed and \ldots{}",
acknowledgement = ack-nhfb,
articleno = "14",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Oesch:2022:UPS,
author = "Sean Oesch and Ruba Abu-Salma and Oumar Diallo and
Juliane Kr{\"a}mer and James Simmons and Justin Wu and
Scott Ruoti",
title = "User Perceptions of Security and Privacy for Group
Chat",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "15:1--15:29",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3491265",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3491265",
abstract = "Secure messaging tools are an integral part of modern
society. To understand users' security and privacy
perceptions and requirements for secure group chat, we
surveyed 996 respondents in the US and UK. Our results
show that group chat presents important \ldots{}",
acknowledgement = ack-nhfb,
articleno = "15",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}
@Article{Sun:2022:CRV,
author = "Sheng Sun",
title = "A Chosen Random Value Attack on {WPA3 SAE}
Authentication Protocol",
journal = j-DTRAP,
volume = "3",
number = "2",
pages = "16:1--16:8",
month = jun,
year = "2022",
CODEN = "????",
DOI = "https://doi.org/10.1145/3468526",
ISSN = "2692-1626 (print), 2576-5337 (electronic)",
ISSN-L = "2576-5337",
bibdate = "Sat Jul 30 07:34:14 MDT 2022",
bibsource = "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
URL = "https://dl.acm.org/doi/10.1145/3468526",
abstract = "Simultaneous Authentication of Equals (SAE) is a
password-authenticated key exchange protocol that is
designed to replace the WPA2-PSK-based authentication.
The SAE authenticated key exchange protocol supports
the peer-to-peer authentication and is one of he major
authentication mechanisms of the Authentication and Key
Management Suite specified within Wi-Fi. The SAE
authenticated key exchange protocol has been widely
implemented in today's Wi-Fi devices as part of major
security feature upgrades and is regarded as the third
generation of Wi-Fi Protected Access. This article
presents a way of attacking the weaker randomness
generation algorithm within the SAE protocols, which
can lead to successful impersonation types of attacks.
We also suggest some protocol amendments for
protection. It is recommended that SAE implementations
should be upgraded to ensure protection against these
attacks.",
acknowledgement = ack-nhfb,
articleno = "16",
fjournal = "Digital Threats: Research and Practice (DTRAP)",
journal-URL = "https://dl.acm.org/loi/dtrap",
}