%%% -*-BibTeX-*-
%%% ====================================================================
%%%  BibTeX-file{
%%%     author          = "Nelson H. F. Beebe",
%%%     version         = "1.05",
%%%     date            = "28 May 2024",
%%%     time            = "14:51:54 MDT",
%%%     filename        = "dtrap.bib",
%%%     address         = "University of Utah
%%%                        Department of Mathematics, 110 LCB
%%%                        155 S 1400 E RM 233
%%%                        Salt Lake City, UT 84112-0090
%%%                        USA",
%%%     telephone       = "+1 801 581 5254",
%%%     FAX             = "+1 801 581 4148",
%%%     URL             = "http://www.math.utah.edu/~beebe",
%%%     checksum        = "27186 4998 22270 216446",
%%%     email           = "beebe at math.utah.edu, beebe at acm.org,
%%%                        beebe at computer.org (Internet)",
%%%     codetable       = "ISO/ASCII",
%%%     keywords        = "bibliography; BibTeX; Digital Threats:
%%%                        Research and Practice (DTRAP)",
%%%     license         = "public domain",
%%%     supported       = "yes",
%%%     docstring       = "This is a COMPLETE BibTeX bibliography for
%%%                        Digital Threats: Research and Practice
%%%                        (DTRAP) (CODEN ????, ISSN 2692-1626 (print),
%%%                        2576-5337 (electronic)).  The journal appears
%%%                        quarterly, and publication began with volume
%%%                        1, number 1, in March 2020.
%%%
%%%                        At version 1.05, the COMPLETE journal
%%%                        coverage looked like this:
%%%
%%%                             2020 (  26)    2022 (  44)    2024 (  12)
%%%                             2021 (  29)    2023 (  59)
%%%
%%%                             Article:        170
%%%
%%%                             Total entries:  170
%%%
%%%                        The journal Web page can be found at:
%%%
%%%                            http://tsc.acm.org/
%%%
%%%                        The journal table of contents page is at:
%%%
%%%                            https://dl.acm.org/loi/tiot
%%%
%%%                        Qualified subscribers can retrieve the full
%%%                        text of recent articles in PDF form.
%%%
%%%                        The initial draft was extracted from the ACM
%%%                        Web pages.
%%%
%%%                        ACM copyrights explicitly permit abstracting
%%%                        with credit, so article abstracts, keywords,
%%%                        and subject classifications have been
%%%                        included in this bibliography wherever
%%%                        available.  Article reviews have been
%%%                        omitted, until their copyright status has
%%%                        been clarified.
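%%%
%%%                        URL keys in the bibliography point to
%%%                        World Wide Web locations of additional
%%%                        information about the entry.
%%%
%%%                        BibTeX citation tags are uniformly chosen
%%%                        as name:year:abbrev, where name is the
%%%                        family name of the first author or editor,
%%%                        year is a 4-digit number, and abbrev is a
%%%                        3-letter condensation of important title
%%%                        words.  Citation tags were automatically
%%%                        generated by software developed for the
%%%                        BibNet Project.
%%%
%%%                        In this bibliography, entries are sorted in
%%%                        publication order, using ``bibsort -byvolume.''
%%%
%%%                        The checksum field above contains a CRC-16
%%%                        checksum as the first value, followed by the
%%%                        equivalent of the standard UNIX wc (word
%%%                        count) utility output of lines, words, and
%%%                        characters.  This is produced by Robert
%%%                        Solovay's checksum utility.",
%%%  }
%%% ====================================================================
%%% NOTE(review): the CRC-16 checksum recorded in the header detects
%%% accidental corruption only; it does not authenticate the file.  It
%%% was recorded before the corrections made below (abstract typo in
%%% Durvaux:2020:SPP, author-name capitalisation in Shukla:2020:TUI)
%%% and has to be regenerated after any edit.
%%%
%%% NOTE(review): the Preamble entry below is raw TeX.  Bibliography
%%% styles normally copy it into the .bbl file, so it runs when the
%%% document is typeset: it \input's bibnames.sty from the TeX search
%%% path and defines \booktitle and \TM only if they are undefined.
%%% Treat this file and bibnames.sty as code when they come from an
%%% unauthenticated source.
@Preamble{"\input bibnames.sty" #
    "\ifx \undefined \booktitle \def \booktitle #1{{{\em #1}}} \fi" #
    "\ifx \undefined \TM \def \TM {${}^{\sc TM}$} \fi"
}

%%% ====================================================================
%%% Acknowledgement abbreviations:
@String{ack-nhfb = "Nelson H. F. Beebe,
                    University of Utah,
                    Department of Mathematics, 110 LCB,
                    155 S 1400 E RM 233,
                    Salt Lake City, UT 84112-0090, USA,
                    Tel: +1 801 581 5254,
                    FAX: +1 801 581 4148,
                    e-mail: \path|beebe@math.utah.edu|,
                            \path|beebe@acm.org|,
                            \path|beebe@computer.org| (Internet),
                    URL: \path|http://www.math.utah.edu/~beebe/|"}

%%% ====================================================================
%%% Journal abbreviations:
@String{j-DTRAP = "Digital Threats: Research and Practice (DTRAP)"}

%%% ====================================================================
%%% Bibliography entries:
@Article{Lakhotia:2020:DTR,
  author =       "Arun Lakhotia and Leigh Metcalf",
  title =        "Digital Threats: Research and Practice Inaugural Issue
                 Editorial",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "1:1--1:3",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3380320",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3380320",
  acknowledgement = ack-nhfb,
  articleno =    "1",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Cormack:2020:IFS,
  author =       "Andrew Cormack and Jeroen {Van der Ham}",
  title =        "Introduction to the {FIRST} Special Issue",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "2:1--2:3",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3380746",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3380746",
  acknowledgement = ack-nhfb,
  articleno =    "2",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Durvaux:2020:SPP,
  author =       "Fran{\c{c}}ois Durvaux and Marc Durvaux",
  title =        "{SCA-Pitaya}: a Practical and Affordable Side-Channel
                 Attack Setup for Power Leakage-Based Evaluations",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "3:1--3:16",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3371393",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3371393",
  abstract =     "Although side-channel attacks appeared more than two
                 decades ago, they remain very little discussed by
                 security professionals outside the academia or very
                 specific sectors (e.g., smartcard industry,
                 governments). However, with the increasing \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "3",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{VanderToorn:2020:LBH,
  author =       "Olivier {Van der Toorn} and Anna Sperotto",
  title =        "Looking Beyond the Horizon: Thoughts on Proactive
                 Detection of Threats",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "4:1--4:13",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3373639",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3373639",
  abstract =     "The Internet exposes us to cyberthreats attacking
                 information, services, and the Internet infrastructure
                 itself. Such attacks are typically detected in a
                 reactive fashion. The downside of this approach is that
                 alerts of an attack are issued as it is \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "4",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Tien:2020:MLF,
  author =       "Chin-Wei Tien and Shang-Wen Chen and Tao Ban and
                 Sy-Yen Kuo",
  title =        "Machine Learning Framework to Analyze {IoT} Malware
                 Using {ELF} and Opcode Features",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "5:1--5:19",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3378448",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3378448",
  abstract =     "Threats to devices that are part of the Internet of
                 Things (IoT) are on the rise. Owing to the overwhelming
                 diversity of IoT hardware and software, as well as its
                 variants, conventional anti-virus techniques based on
                 the Windows paradigm cannot be \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "5",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Kohlrausch:2020:ASS,
  author =       "Jan Kohlrausch and Eugene A. Brin",
  title =        "{ARIMA} Supplemented Security Metrics for Quality
                 Assurance and Situational Awareness",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "6:1--6:21",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3376926",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3376926",
  abstract =     "Quality assurance and situational awareness are
                 important areas of interest for CSIRTs and security
                 teams. Significant efforts have been made on defining
                 metrics measuring critical parameters for these fields
                 of application. However, methodical \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "6",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Sacher:2020:FFP,
  author =       "Desiree Sacher",
  title =        "Fingerpointing False Positives: How to Better
                 Integrate Continuous Improvement into Security
                 Monitoring",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "1",
  pages =        "7:1--7:7",
  month =        mar,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3370084",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Apr 7 12:42:02 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3370084",
  abstract =     "Security incidents created during the security
                 continuous monitoring process (ISCM, NIST 800-137 [1])
                 can be a valuable source for improving company
                 processes and an efficient reference for budget
                 planning if used correctly. The idea presented in this
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "7",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Waked:2020:SST,
  author =       "Louis Waked and Mohammad Mannan and Amr Youssef",
  title =        "The Sorry State of {TLS} Security in Enterprise
                 Interception Appliances",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "8:1--8:26",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3372802",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3372802",
  abstract =     "Network traffic inspection, including TLS traffic, in
                 enterprise environments is widely practiced. Reasons
                 for doing so are primarily related to improving
                 enterprise security (e.g., phishing and malicious
                 traffic detection) and meeting legal \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "8",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Shukla:2020:TUI,
  author =       "Diksha Shukla and Partha Pratim Kundu and Ravichandra
                 Malapati and Sujit Poudel and Zhanpeng Jin and Vir V.
                 Phoha",
  title =        "Thinking Unveiled: an Inference and Correlation Model
                 to Attack {EEG} Biometrics",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "9:1--9:29",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3374137",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3374137",
  abstract =     "Very few studies have explored linkages between
                 physiological, such as electroencephalograph (EEG), and
                 behavioral patterns, such as wrist movements. These
                 linkages provide us a unique mechanism to predict one
                 set of patterns from other related \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "9",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Gajrani:2020:VVV,
  author =       "Jyoti Gajrani and Meenakshi Tripathi and Vijay Laxmi
                 and Gaurav Somani and Akka Zemmari and Manoj Singh
                 Gaur",
  title =        "{Vulvet}: Vetting of Vulnerabilities in {Android} Apps
                 to Thwart Exploitation",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "10:1--10:25",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3376121",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3376121",
  abstract =     "Data security and privacy of Android users is one of
                 the challenging security problems addressed by the
                 security research community. A major source of the
                 security vulnerabilities in Android apps is attributed
                 to bugs within source code, insecure APIs, \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "10",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Cai:2020:TOA,
  author =       "Yegui Cai and George O. M. Yee and Yuan Xiang Gu and
                 Chung-Horng Lung",
  title =        "Threats to Online Advertising and Countermeasures: a
                 Technical Survey",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "11:1--11:27",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3374136",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3374136",
  abstract =     "Online advertising, also known as web advertising or
                 Internet marketing, is the means and process of
                 promoting products and services on the Internet, and it
                 has been one of the important business models for the
                 Internet. Due to its lucrative nature and \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "11",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Zhou:2020:FNE,
  author =       "Xinyi Zhou and Atishay Jain and Vir V. Phoha and Reza
                 Zafarani",
  title =        "Fake News Early Detection: a Theory-driven Model",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "12:1--12:25",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3377478",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3377478",
  abstract =     "Massive dissemination of fake news and its potential
                 to erode democracy has increased the demand for
                 accurate fake news detection. Recent advancements in
                 this area have proposed novel techniques that aim to
                 detect fake news by exploring how it \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "12",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Koot:2020:FNC,
  author =       "Matthijs Koot",
  title =        "Field Note on {CVE-2019-11510}: Pulse Connect Secure
                 {SSL-VPN} in {The Netherlands}",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "2",
  pages =        "13:1--13:7",
  month =        jul,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3382765",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Sun Jul 12 11:50:01 MDT 2020",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib;
                 http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/abs/10.1145/3382765",
  abstract =     "This Field Note describes the case of a critical
                 unauthenticated RCE vulnerability in an SSL-VPN product
                 that remained unpatched at a large scale-up and until
                 after exploits became public. Approximately 14,500
                 systems worldwide were reportedly unpatched at the end
                 of August 2019. Two weeks after exploits emerged in
                 public, both GCHQ and NSA released notices that the
                 vulnerability was being exploited by APT actors. The
                 present Field Note describes observations from the
                 Netherlands and includes reflections in an attempt to
                 stimulate thinking on how to improve the status quo,
                 such as through coordinated proactive measures by
                 CSIRTs.",
  acknowledgement = ack-nhfb,
  articleno =    "13",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Burton:2020:ULT,
  author =       "Ren{\'e}e Burton",
  title =        "Unsupervised Learning Techniques for Malware
                 Characterization: Understanding Certain {DNS}-based
                 {DDoS} Attacks",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "3",
  pages =        "14:1--14:26",
  month =        sep,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3377869",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:08 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3377869",
  abstract =     "This article details data science research in the area
                 of Cyber Threat Intelligence applied to a specific type
                 of Distributed Denial of Service (DDoS) attack. We
                 study a DDoS technique prevalent in the Domain Name
                 System (DNS) for which little malware \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "14",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Scofield:2020:AML,
  author =       "Daniel Scofield and Craig Miles and Stephen Kuhn",
  title =        "Automated Model Learning for Accurate Detection of
                 Malicious Digital Documents",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "3",
  pages =        "15:1--15:21",
  month =        sep,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3379505",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:08 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3379505",
  abstract =     "Modern cyber attacks are often conducted by
                 distributing digital documents that contain malware.
                 The approach detailed herein, which consists of a
                 classifier that uses features derived from dynamic
                 analysis of a document viewer as it renders the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "15",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Laurenza:2020:MTE,
  author =       "Giuseppe Laurenza and Riccardo Lazzeretti and Luca
                 Mazzotti",
  title =        "Malware Triage for Early Identification of Advanced
                 Persistent Threat Activities",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "3",
  pages =        "16:1--16:17",
  month =        sep,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3386581",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:08 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3386581",
  abstract =     "In the past decade, a new class of cyber-threats,
                 known as ``Advanced Persistent Threat'' (APT), has
                 emerged and has been used by different organizations to
                 perform dangerous and effective attacks against
                 financial and politic entities, critical \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "16",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Steinhauser:2020:DTI,
  author =       "Anton{\'\i}n Steinhauser and Petr Tuma",
  title =        "Database Traffic Interception for Graybox Detection of
                 Stored and Context-sensitive {XSS}",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "3",
  pages =        "17:1--17:23",
  month =        sep,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3399668",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:08 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3399668",
  abstract =     "Cross site scripting (XSS) is a type of a security
                 vulnerability that permits injecting malicious code
                 into the client side of a web application. In the
                 simplest situations, XSS vulnerabilities arise when a
                 web application includes the user input in the
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "17",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Gutzwiller:2020:GOS,
  author =       "Robert Gutzwiller and Josiah Dykstra and Bryan Payne",
  title =        "Gaps and Opportunities in Situational Awareness for
                 Cybersecurity",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "3",
  pages =        "18:1--18:6",
  month =        sep,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3384471",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:08 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3384471",
  abstract =     "Demand is present among security practitioners for
                 improving cyber situational awareness (SA), but
                 capability and assessment have not risen to match. SA
                 is an integral component of cybersecurity for everyone
                 from individuals to business to response \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "18",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Perdisci:2020:IAS,
  author =       "Roberto Perdisci and Martina Lindorfer and Adam
                 Doup{\'e} and Andrea Lanzi and Alexandros Kapravelos
                 and Gianluca Stringhini",
  title =        "Introduction to the {ACSAC'19} Special Issue ---
                 {Part 1}",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "19e:1--19e:3",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3437251",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3437251",
  acknowledgement = ack-nhfb,
  articleno =    "19e",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Agadakos:2020:LSD,
  author =       "Ioannis Agadakos and Nicholas Demarinis and Di Jin and
                 Kent Williams-King and Jearson Alfajardo and Benjamin
                 Shteinfeld and David Williams-King and Vasileios P.
                 Kemerlis and Georgios Portokalidis",
  title =        "Large-scale Debloating of Binary Shared Libraries",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "19:1--19:28",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3414997",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3414997",
  abstract =     "Developers nowadays have access to an arsenal of
                 toolkits and libraries for rapid application
                 prototyping. However, when an application loads a
                 library, the entirety of that library's code is mapped
                 into the process address space, even if only a single
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "19",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Palit:2020:MDO,
  author =       "Tapti Palit and Fabian Monrose and Michalis
                 Polychronakis",
  title =        "Mitigating Data-only Attacks by Protecting
                 Memory-resident Sensitive Data",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "20:1--20:26",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419475",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419475",
  abstract =     "Gaining reliable arbitrary code execution through the
                 exploitation of memory corruption vulnerabilities is
                 becoming increasingly more difficult in the face of
                 modern exploit mitigations. Facing this challenge,
                 adversaries have started shifting their \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "20",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Chevalier:2020:ISC,
  author =       "Ronny Chevalier and David Plaquin and Chris Dalton and
                 Guillaume Hiet",
  title =        "Intrusion Survivability for Commodity Operating
                 Systems",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "21:1--21:30",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419471",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419471",
  abstract =     "Despite the deployment of preventive security
                 mechanisms to protect the assets and computing
                 platforms of users, intrusions eventually occur. We
                 propose a novel intrusion survivability approach to
                 withstand ongoing intrusions. Our approach relies on an
                 \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "21",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Osman:2020:SAA,
  author =       "Tousif Osman and Mohammad Mannan and Urs Hengartner
                 and Amr Youssef",
  title =        "Securing Applications against Side-channel Attacks
                 through Resource Access Veto",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "22:1--22:29",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3416124",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3416124",
  abstract =     "Apps on modern mobile operating systems can access
                 various system resources with, or without, an explicit
                 user permission. Although the OS generally maintains
                 strict separation between apps, an app can still get
                 access to another app's private \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "22",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Karim:2020:ADA,
  author =       "Imtiaz Karim and Fabrizio Cicala and Syed Rafiul
                 Hussain and Omar Chowdhury and Elisa Bertino",
  title =        "{ATFuzzer}: Dynamic Analysis Framework of {AT}
                 Interface for {Android} Smartphones",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "23:1--23:29",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3416125",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3416125",
  abstract =     "Application processors of modern smartphones use the
                 AT interface for issuing high-level commands (or
                 AT-commands) to the baseband processor for performing
                 cellular network operations (e.g., placing a phone
                 call). Vulnerabilities in this interface can \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "23",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Sanchez-Rola:2020:CPT,
  author =       "Iskander Sanchez-Rola and Davide Balzarotti and Igor
                 Santos",
  title =        "Cookies from the Past: Timing Server-side Request
                 Processing Code for History Sniffing",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "24:1--24:24",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419473",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419473",
  abstract =     "Cookies were originally introduced as a way to provide
                 state awareness to websites, and they are now one of
                 the backbones of the current web. However, their use is
                 not limited to store the login information or to save
                 the current state of user browsing. \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "24",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Ukrop:2020:WYT,
  author =       "Martin Ukrop and Lydia Kraus and Vashek Matyas",
  title =        "Will You Trust This {TLS} Certificate?: Perceptions of
                 People Working in {IT} (Extended Version)",
  journal =      j-DTRAP,
  volume =       "1",
  number =       "4",
  pages =        "25:1--25:29",
  month =        dec,
  year =         "2020",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419472",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:09 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419472",
  abstract =     "Flawed TLS certificates are not uncommon on the
                 Internet. While they signal a potential issue, in most
                 cases they have benign causes (e.g., misconfiguration
                 or even deliberate deployment). This adds fuzziness to
                 the decision on whether to trust a \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "25",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Perdisci:2021:IAS,
  author =       "Roberto Perdisci and Martina Lindorfer and Adam
                 Doup{\'e} and Andrea Lanzi and Alexandros Kapravelos
                 and Gianluca Stringhini",
  title =        "Introduction to the {ACSAC'19} Special Issue --- Vol.
                 2",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "1:1--1:2",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3437253",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3437253",
  acknowledgement = ack-nhfb,
  articleno =    "1",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Desmet:2021:POS,
  author =       "Lieven Desmet and Jan Spooren and Thomas Vissers and
                 Peter Janssen and Wouter Joosen",
  title =        "{Premadoma}: an Operational Solution to Prevent
                 Malicious Domain Name Registrations in the {\tt .eu}
                 {TLD}",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "2:1--2:24",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419476",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419476",
  abstract =     "DNS is one of the most essential components of the
                 Internet, mapping domain names to the IP addresses
                 behind almost every online service. Domain names are
                 therefore also a fundamental tool for attackers to
                 quickly locate and relocate their malicious \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "2",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Nakatsuka:2021:PPD,
  author =       "Yoshimichi Nakatsuka and Andrew Paverd and Gene
                 Tsudik",
  title =        "{PDoT}: Private {DNS}-over-{TLS} with {TEE} Support",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "3:1--3:22",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3431171",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3431171",
  abstract =     "Security and privacy of the Internet Domain Name
                 System (DNS) have been longstanding concerns. Recently,
                 there is a trend to protect DNS traffic using Transport
                 Layer Security (TLS). However, at least two major
                 issues remain: (1) How do clients \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "3",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Genc:2021:CMG,
  author =       "Ziya Alper Gen{\c{c}} and Gabriele Lenzini and Daniele
                 Sgandurra",
  title =        "Cut-and-Mouse and Ghost Control: Exploiting Antivirus
                 Software with Synthesized Inputs",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "4:1--4:23",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3431286",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3431286",
  abstract =     "To protect their digital assets from malware attacks,
                 most users and companies rely on antivirus (AV)
                 software. AVs' protection is a full-time task against
                 malware: This is similar to a game where malware, e.g.,
                 through obfuscation and polymorphism, \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "4",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Usui:2021:ARE,
  author =       "Toshinori Usui and Yuto Otsuki and Tomonori Ikuse and
                 Yuhei Kawakoya and Makoto Iwamura and Jun Miyoshi and
                 Kanta Matsuura",
  title =        "Automatic Reverse Engineering of Script Engine
                 Binaries for Building Script {API} Tracers",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "5:1--5:31",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3416126",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3416126",
  abstract =     "Script languages are designed to be easy-to-use and
                 require low learning costs. These features provide
                 attackers options to choose a script language for
                 developing their malicious scripts. This diversity of
                 choice in the attacker side unexpectedly \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "5",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Sikder:2021:ACA,
  author =       "Amit Kumar Sikder and Leonardo Babun and A. Selcuk
                 Uluagac",
  title =        "{Aegis+}: a Context-aware Platform-independent
                 Security Framework for Smart Home Systems",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "6:1--6:33",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3428026",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3428026",
  abstract =     "The introduction of modern Smart Home Systems (SHSs)
                 is redefining the way we perform everyday activities.
                 Today, myriad SHS applications and the devices they
                 control are widely available to users. Specifically,
                 users can easily download and install the \ldots{}",
  acknowledgement = ack-nhfb,
  articleno =    "6",
  fjournal =     "Digital Threats: Research and Practice (DTRAP)",
  journal-URL =  "https://dl.acm.org/loi/dtrap",
}

@Article{Dash:2021:SAA,
  author =       "Pritam Dash and Mehdi Karimibiuki and Karthik
                 Pattabiraman",
  title =        "Stealthy Attacks against Robotic Vehicles Protected by
                 Control-based Intrusion Detection Techniques",
  journal =      j-DTRAP,
  volume =       "2",
  number =       "1",
  pages =        "7:1--7:25",
  month =        mar,
  year =         "2021",
  CODEN =        "????",
  DOI =          "https://doi.org/10.1145/3419474",
  ISSN =         "2692-1626 (print), 2576-5337 (electronic)",
  ISSN-L =       "2576-5337",
  bibdate =      "Tue Mar 30 16:33:10 MDT 2021",
  bibsource =    "http://www.math.utah.edu/pub/tex/bib/dtrap.bib",
  URL =          "https://dl.acm.org/doi/10.1145/3419474",
  abstract =     "Robotic vehicles (RV) are increasing in adoption in
                 many industrial sectors. RVs use auto-pilot software
                 for perception and navigation and rely on sensors and
                 actuators for operating autonomously in the physical
                 world.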
Control algorithms have been used \ldots{}", acknowledgement = ack-nhfb, articleno = "7", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Amiet:2021:BVP, author = "Nils Amiet", title = "Blockchain Vulnerabilities in Practice", journal = j-DTRAP, volume = "2", number = "2", pages = "8:1--8:7", month = mar, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3407230", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue Mar 30 16:33:10 MDT 2021", bibsource = "http://www.math.utah.edu/pub/tex/bib/bitcoin.bib; http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3407230", abstract = "Blockchains are not invulnerable. There are known vulnerabilities in various blockchain ecosystem components. This field note describes some vulnerabilities observed in smart contracts and node software, their exploitation, and how to avoid them, with a \ldots{}", acknowledgement = ack-nhfb, articleno = "8", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Zafarani:2021:IRT, author = "Reza Zafarani and Huan Liu and Vir V. 
Phoha and Javad Azimi", title = "Introduction on Recent Trends and Perspectives in Fake News Research", journal = j-DTRAP, volume = "2", number = "2", pages = "13:1--13:3", month = mar, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3448634", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue Mar 30 16:33:10 MDT 2021", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3448634", acknowledgement = ack-nhfb, articleno = "13", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Konstantinovskiy:2021:TAF, author = "Lev Konstantinovskiy and Oliver Price and Mevan Babakar and Arkaitz Zubiaga", title = "Toward Automated Factchecking: Developing an Annotation Schema and Benchmark for Consistent Automated Claim Detection", journal = j-DTRAP, volume = "2", number = "2", pages = "14:1--14:16", month = jun, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3412869", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:29:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3412869", abstract = "In an effort to assist factcheckers in the process of factchecking, we tackle the claim detection task, one of the necessary stages prior to determining the veracity of a claim. It consists of identifying the set of sentences, out of a long text, deemed \ldots{}", acknowledgement = ack-nhfb, articleno = "14", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Datta:2021:PSS, author = "Pratim Datta and Mark Whitmore and Joseph K.
Nwankpa", title = "A Perfect Storm: Social Media News, Psychological Biases, and {AI}", journal = j-DTRAP, volume = "2", number = "2", pages = "15:1--15:21", month = jun, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3428157", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:29:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3428157", abstract = "In an age where news information is created by millions and consumed by billions over social media (SM) every day, issues of information biases, fake news, and echo-chambers have dominated the corridors of technology firms, news corporations, policy \ldots{}", acknowledgement = ack-nhfb, articleno = "15", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Valecha:2021:FNS, author = "Rohit Valecha and Srikrishna Krishnarao Srinivasan and Tejaswi Volety and K. Hazel Kwon and Manish Agrawal and H. Raghav Rao", title = "Fake News Sharing: an Investigation of Threat and Coping Cues in the Context of the {Zika} Virus", journal = j-DTRAP, volume = "2", number = "2", pages = "16:1--16:16", month = jun, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3410025", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:29:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3410025", abstract = "Fake news has become a growing problem for societies, spreading virally and transforming into harmful impacts in social networks. The problem of fake news is even more troubling in the healthcare context. 
In the healthcare literature, it has been well \ldots{}", acknowledgement = ack-nhfb, articleno = "16", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Huang:2021:IRW, author = "Teng-Chieh Huang and Razieh Nokhbeh Zaeem and K. Suzanne Barber", title = "Identifying Real-world Credible Experts in the Financial Domain", journal = j-DTRAP, volume = "2", number = "2", pages = "17:1--17:14", month = jun, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3446783", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:29:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3446783", abstract = "Establishing a solid mechanism for finding credible and trustworthy people in online social networks is an important first step to avoid useless, misleading, or even malicious information. There is a body of existing work studying trustworthiness of \ldots{}", acknowledgement = ack-nhfb, articleno = "17", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{VanDerHam:2021:TBU, author = "Jeroen {Van Der Ham}", title = "Toward a Better Understanding of ``Cybersecurity''", journal = j-DTRAP, volume = "2", number = "3", pages = "18:1--18:3", month = sep, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3442445", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3442445", abstract = "The term ``cybersecurity'' has gained widespread popularity but has not been defined properly. The term is used by many different people to mean different things in different contexts. 
A better understanding of ``cybersecurity'' will allow us a better \ldots{}", acknowledgement = ack-nhfb, articleno = "18", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Metcalf:2021:EDB, author = "Leigh Metcalf and Jonathan M. Spring", title = "The Ecosystem of Detection and Blocklisting of Domain Generation", journal = j-DTRAP, volume = "2", number = "3", pages = "19:1--19:22", month = sep, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3423951", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3423951", abstract = "Malware authors use domain generation algorithms to establish more reliable communication methods that can avoid reactive defender blocklisting techniques. Network defense has sought to supplement blocklists with methods for detecting machine-generated \ldots{}", acknowledgement = ack-nhfb, articleno = "19", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Jacobs:2021:EPS, author = "Jay Jacobs and Sasha Romanosky and Benjamin Edwards and Idris Adjerid and Michael Roytman", title = "{Exploit Prediction Scoring System (EPSS)}", journal = j-DTRAP, volume = "2", number = "3", pages = "20:1--20:17", month = jul, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3436242", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3436242", abstract = "Despite the large investments in information security technologies and research over the past decades, the information security industry is still immature when it comes to vulnerability management. 
In particular, the prioritization of remediation \ldots{}", acknowledgement = ack-nhfb, articleno = "20", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Lamp:2021:ECA, author = "Josephine Lamp and Carlos E. Rubio-Medrano and Ziming Zhao and Gail-Joon Ahn", title = "\pkg{ExSol}: Collaboratively Assessing Cybersecurity Risks for Protecting Energy Delivery Systems", journal = j-DTRAP, volume = "2", number = "3", pages = "21:1--21:23", month = jul, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3428156", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3428156", abstract = "No longer just prophesied about, cyber-attacks to Energy Delivery Systems (EDS) (e.g., the power grid, gas and oil industries) are now very real dangers that result in non-trivial economical losses and inconveniences to modern societies. In such a \ldots{}", acknowledgement = ack-nhfb, articleno = "21", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Happa:2021:ADS, author = "Jassim Happa and Ioannis Agrafiotis and Martin Helmhout and Thomas Bashford-Rogers and Michael Goldsmith and Sadie Creese", title = "Assessing a Decision Support Tool for {SOC} Analysts", journal = j-DTRAP, volume = "2", number = "3", pages = "22:1--22:35", month = sep, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3430753", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3430753", abstract = "It is difficult to discern real-world consequences of attacks on an enterprise when investigating network-centric data alone. 
In recent years, many tools have been developed to help understand attacks using visualisation, but few aim to predict real-. \ldots{}", acknowledgement = ack-nhfb, articleno = "22", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Kumar:2021:TAG, author = "Rajesh Kumar and Can Isik and Vir V. Phoha", title = "{Treadmill Assisted Gait Spoofing (TAGS)}: an Emerging Threat to Wearable Sensor-based Gait Authentication", journal = j-DTRAP, volume = "2", number = "3", pages = "23:1--23:17", month = sep, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3442151", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3442151", abstract = "In this work, we examine the impact of Treadmill Assisted Gait Spoofing on Wearable Sensor-based Gait Authentication (WSGait). 
We consider more realistic implementation and deployment scenarios than the previous study, which focused only on the \ldots{}", acknowledgement = ack-nhfb, articleno = "23", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Iliou:2021:DAW, author = "Christos Iliou and Theodoros Kostoulas and Theodora Tsikrika and Vasilis Katos and Stefanos Vrochidis and Ioannis Kompatsiaris", title = "Detection of Advanced {Web} Bots by Combining {Web} Logs with Mouse Behavioural Biometrics", journal = j-DTRAP, volume = "2", number = "3", pages = "24:1--24:26", month = sep, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3447815", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3447815", abstract = "Web bots vary in sophistication based on their purpose, ranging from simple automated scripts to advanced web bots that have a browser fingerprint, support the main browser functionalities, and exhibit a humanlike behaviour. 
Advanced web bots are \ldots{}", acknowledgement = ack-nhfb, articleno = "24", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Dykstra:2021:INS, author = "Josiah Dykstra and Neil Rowe and Timothy Shimeall and Angela Horneman and Marisa Midler", title = "Introduction: On the Nature of Situational Awareness", journal = j-DTRAP, volume = "2", number = "4", pages = "25:1--25:3", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3462334", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3462334", acknowledgement = ack-nhfb, articleno = "25", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Ring:2021:MHB, author = "John H. Ring and Colin M. {Van Oort} and Samson Durst and Vanessa White and Joseph P. Near and Christian Skalka", title = "Methods for Host-based Intrusion Detection with Deep Learning", journal = j-DTRAP, volume = "2", number = "4", pages = "26:1--26:29", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3461462", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3461462", abstract = "Host-based Intrusion Detection Systems (HIDS) automatically detect events that indicate compromise by adversarial applications. HIDS are generally formulated as analyses of sequences of system events such as bash commands or system calls. Anomaly-based. 
\ldots{}", acknowledgement = ack-nhfb, articleno = "26", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Samtani:2021:ICT, author = "Sagar Samtani and Weifeng Li and Victor Benjamin and Hsinchun Chen", title = "Informing Cyber Threat Intelligence through Dark {Web} Situational Awareness: The {AZSecure} Hacker Assets Portal", journal = j-DTRAP, volume = "2", number = "4", pages = "27:1--27:10", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3450972", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3450972", abstract = "To increase situational awareness, major cybersecurity platforms offer Cyber Threat Intelligence (CTI) about emerging cyber threats, key threat actors, and their modus operandi. However, this intelligence is often reactive, as it analyzes event log files \ldots{}", acknowledgement = ack-nhfb, articleno = "27", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Aksoy:2021:DLC, author = "Sinan G. Aksoy and Emilie Purvine and Stephen J. Young", title = "Directional {Laplacian} Centrality for Cyber Situational Awareness", journal = j-DTRAP, volume = "2", number = "4", pages = "28:1--28:28", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3450286", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3450286", abstract = "Cyber operations is drowning in diverse, high-volume, multi-source data. 
To get a full picture of current operations and identify malicious events and actors, analysts must see through data generated by a mix of human activity and benign automated \ldots{}", acknowledgement = ack-nhfb, articleno = "28", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Happa:2021:DND, author = "Jassim Happa and Thomas Bashford-Rogers and Alastair Janse {Van Rensburg} and Michael Goldsmith and Sadie Creese", title = "Deception in Network Defences Using Unpredictability", journal = j-DTRAP, volume = "2", number = "4", pages = "29:1--29:26", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3450973", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3450973", abstract = "In this article, we propose a novel method that aims to improve upon existing moving-target defences by making them unpredictably reactive using probabilistic decision-making. 
We postulate that unpredictability can improve network defences in two key \ldots{}", acknowledgement = ack-nhfb, articleno = "29", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Aleroud:2021:ANT, author = "Ahmed Aleroud and Fan Yang and Sai Chaithanya Pallaprolu and Zhiyuan Chen and George Karabatis", title = "Anonymization of Network Traces Data through Condensation-based Differential Privacy", journal = j-DTRAP, volume = "2", number = "4", pages = "30:1--30:23", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3425401", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3425401", abstract = "Network traces are considered a primary source of information to researchers, who use them to investigate research problems such as identifying user behavior, analyzing network hierarchy, maintaining network security, classifying packet flows, and much \ldots{}", acknowledgement = ack-nhfb, articleno = "30", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Metcalf:2021:ESI, author = "Leigh Metcalf", title = "Editorial on the Special Issue on Election Security", journal = j-DTRAP, volume = "2", number = "4", pages = "31:1--31:1", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3471534", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3471534", acknowledgement = ack-nhfb, articleno = "31", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Glazer:2021:MSL, author = "Amanda K. Glazer and Jacob V. 
Spertus and Philip B. Stark", title = "More Style, Less Work: Card-style Data Decrease Risk-limiting Audit Sample Sizes", journal = j-DTRAP, volume = "2", number = "4", pages = "32:1--32:15", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3457907", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3457907", abstract = "U.S. elections rely heavily on computers such as voter registration databases, electronic pollbooks, voting machines, scanners, tabulators, and results reporting websites. These introduce digital threats to election outcomes. Risk-limiting audits \ldots{}", acknowledgement = ack-nhfb, articleno = "32", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Mccorry:2021:SVB, author = "Patrick Mccorry and Maryam Mehrnezhad and Ehsan Toreini and Siamak F. Shahandashti and Feng Hao", title = "On Secure E-Voting over Blockchain", journal = j-DTRAP, volume = "2", number = "4", pages = "33:1--33:13", month = dec, year = "2021", CODEN = "????", DOI = "https://doi.org/10.1145/3461461", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:57 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/bitcoin.bib; http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3461461", abstract = "This article discusses secure methods to conduct e-voting over a blockchain in three different settings: decentralized voting, centralized remote voting, and centralized polling station voting. 
These settings cover almost all voting scenarios that occur \ldots{}", acknowledgement = ack-nhfb, articleno = "33", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Anonymous:2022:ISI, author = "Anonymous", title = "Introduction to the Special Issue on Insider Threats", journal = j-DTRAP, volume = "3", number = "1", pages = "1:1--1:3", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3477501", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3477501", acknowledgement = ack-nhfb, articleno = "1", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Zimmer:2022:IDN, author = "Ephraim Zimmer and Christian Burkert and Hannes Federrath", title = "Insiders Dissected: New Foundations and a Systematisation of the Research on Insiders", journal = j-DTRAP, volume = "3", number = "1", pages = "2:1--2:35", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3473674", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3473674", abstract = "The insider threat is often cited as one of the most challenging threats for security practitioners. Even though this topic is receiving considerable attention, two main problems remain unsolved. First, research on insider threats is focusing on many \ldots{}", acknowledgement = ack-nhfb, articleno = "2", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Williams:2022:RIA, author = "Adam D. Williams and Shannon N. Abbott and Nathan Shoman and William S. 
Charlton", title = "Results From Invoking Artificial Neural Networks to Measure Insider Threat Detection \& Mitigation", journal = j-DTRAP, volume = "3", number = "1", pages = "3:1--3:20", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3457909", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3457909", abstract = "Advances on differentiating between malicious intent and natural ``organizational evolution'' to explain observed anomalies in operational workplace patterns suggest benefit from evaluating collective behaviors observed in the facilities to improve insider \ldots{}", acknowledgement = ack-nhfb, articleno = "3", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Sticha:2022:SOD, author = "Paul J. Sticha and Tirso E. Diaz and Elise T. Axelrad and Sean D. Vermillion and Dennis M. Buede", title = "Simulating Organizational Data from Redacted Input for Inference Enterprise Modeling", journal = j-DTRAP, volume = "3", number = "1", pages = "4:1--4:30", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3457910", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3457910", abstract = "Organizations that use data to assess insider threats, or other workforce outcomes, need to evaluate the quality of their assessment methods. 
This evaluation relies on an accurate representation of the predictors and criterion variables within the \ldots{}", acknowledgement = ack-nhfb, articleno = "4", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Zheng:2022:UDM, author = "Panpan Zheng and Shuhan Yuan and Xintao Wu", title = "Using {Dirichlet} Marked {Hawkes} Processes for Insider Threat Detection", journal = j-DTRAP, volume = "3", number = "1", pages = "5:1--5:19", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3457908", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3457908", abstract = "Malicious insiders cause significant loss to organizations. Due to an extremely small number of malicious activities from insiders, insider threat is hard to detect. In this article, we present a Dirichlet Marked Hawkes Process (DMHP) to detect malicious \ldots{}", acknowledgement = ack-nhfb, articleno = "5", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bromander:2022:ISC, author = "Siri Bromander and Morton Swimmer and Lilly Pijnenburg Muller and Audun J{\o}sang and Martin Eian and Geir Skj{\o}tskift and Fredrik Borg", title = "Investigating Sharing of Cyber Threat Intelligence and Proposing A New Data Model for Enabling Automation in Knowledge Representation and Exchange", journal = j-DTRAP, volume = "3", number = "1", pages = "6:1--6:22", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3458027", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3458027", abstract = "For a strong, collective 
defense in the digital domain, we need to produce, consume, analyze, and share cyber threat intelligence. With an increasing amount of available information, we need automation to ensure adequate efficiency. We present the results \ldots{}", acknowledgement = ack-nhfb, articleno = "6", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Mainardi:2022:PAC, author = "Nicholas Mainardi and Alessandro Barenghi and Gerardo Pelosi", title = "Privacy-aware Character Pattern Matching over Outsourced Encrypted Data", journal = j-DTRAP, volume = "3", number = "1", pages = "7:1--7:38", month = mar, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3462333", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Wed Mar 2 07:28:58 MST 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3462333", abstract = "Providing a method to efficiently search into outsourced encrypted data, without forsaking strong privacy guarantees, is a pressing concern rising from the separation of data ownership and data management typical of cloud-based applications. While several \ldots{}", acknowledgement = ack-nhfb, articleno = "7", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Rodriguez:2022:ISI, author = "Ricardo J. 
Rodr{\'\i}guez and Xabier Ugarte-Pedrero and Juan Tapiador", title = "Introduction to the Special Issue on Challenges and Trends in Malware Analysis", journal = j-DTRAP, volume = "3", number = "2", pages = "8:1--8:2", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3536319", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3536319", acknowledgement = ack-nhfb, articleno = "8", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{deWit:2022:DDM, author = "J. S. Panman de Wit and D. Bucur and J. van der Ham", title = "Dynamic Detection of Mobile Malware Using Smartphone Data and Machine Learning", journal = j-DTRAP, volume = "3", number = "2", pages = "9:1--9:24", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3484246", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3484246", abstract = "Mobile malware are malicious programs that target mobile devices. They are an increasing problem, as seen with the rise of detected mobile malware samples per year. 
The number of active smartphone users is expected to grow, stressing the importance of \ldots{}", acknowledgement = ack-nhfb, articleno = "9", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{DElia:2022:EDB, author = "Daniele Cono D'Elia and Lorenzo Invidia and Federico Palmaro and Leonardo Querzoni", title = "Evaluating Dynamic Binary Instrumentation Systems for Conspicuous Features and Artifacts", journal = j-DTRAP, volume = "3", number = "2", pages = "10:1--10:13", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3478520", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3478520", abstract = "Dynamic binary instrumentation (DBI) systems are a popular solution for prototyping heterogeneous program analyses and monitoring tools. Several works from academic and practitioner venues have questioned the transparency of DBI systems, with anti-. \ldots{}", acknowledgement = ack-nhfb, articleno = "10", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Filho:2022:ECT, author = "Ailton Santos Filho and Ricardo J. Rodr{\'\i}guez and Eduardo L. 
Feitosa", title = "Evasion and Countermeasures Techniques to Detect Dynamic Binary Instrumentation Frameworks", journal = j-DTRAP, volume = "3", number = "2", pages = "11:1--11:28", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480463", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480463", abstract = "Dynamic Binary Instrumentation (DBI) is a dynamic analysis technique that allows arbitrary code to be executed when a program is running. DBI frameworks have started to be used to analyze malicious applications. As a result, different approaches have \ldots{}", acknowledgement = ack-nhfb, articleno = "11", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Perdisci:2022:IAS, author = "Roberto Perdisci and Martina Lindorfer and Gianluca Stringhini", title = "Introduction to the {ACSAC'20} Special Issue", journal = j-DTRAP, volume = "3", number = "2", pages = "12:1--12:2", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3534708", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3534708", acknowledgement = ack-nhfb, articleno = "12", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Alder:2022:FPU, author = "Fritz Alder and Jo {Van Bulck} and Jesse Spielman and David Oswald and Frank Piessens", title = "Faulty Point Unit: {ABI} Poisoning Attacks on Trusted Execution Environments", journal = j-DTRAP, volume = "3", number = "2", pages = "13:1--13:26", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491264", ISSN = "2692-1626 
(print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib; http://www.math.utah.edu/pub/tex/bib/fparith.bib", URL = "https://dl.acm.org/doi/10.1145/3491264", abstract = "This article analyzes a previously overlooked attack surface that allows unprivileged adversaries to impact floating-point computations in enclaves through the Application Binary Interface (ABI). In a comprehensive study across 7 industry-standard and research enclave shielding runtimes for Intel Software Guard Extensions (SGX), we show that control and state registers of the x87 Floating-Point Unit (FPU) and Intel Streaming SIMD Extensions are not always properly sanitized on enclave entry. We furthermore show that this attack goes beyond the x86 architecture and can also affect RISC-V enclaves. Focusing on SGX, we abuse the adversary's control over precision and rounding modes as an ABI fault injection primitive to corrupt enclaved floating-point operations. Our analysis reveals that this is especially relevant for applications that use the older x87 FPU, which is still under certain conditions used by modern compilers. We exemplify the potential impact of ABI quality-degradation attacks for enclaved machine learning and for the SPEC benchmarks. We then explore the impact on confidentiality, showing that control over exception masks can be abused as a controlled channel to recover enclaved multiplication operands.
Our findings, affecting 5 of 7 studied SGX runtimes and one RISC-V runtime, demonstrate the challenges of implementing high-assurance trusted execution across computing architectures.", acknowledgement = ack-nhfb, articleno = "13", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Rosso:2022:SMT, author = "Martin Rosso and Michele Campobasso and Ganduulga Gankhuyag and Luca Allodi", title = "{SAIBERSOC}: a Methodology and Tool for Experimenting with Security Operation Centers", journal = j-DTRAP, volume = "3", number = "2", pages = "14:1--14:29", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491266", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491266", abstract = "In this article, we introduce SAIBERSOC (Synthetic Attack Injection to Benchmark and Evaluate the Performance of Security Operation Centers), a tool and methodology enabling security researchers and operators to evaluate the performance of deployed and \ldots{}", acknowledgement = ack-nhfb, articleno = "14", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Oesch:2022:UPS, author = "Sean Oesch and Ruba Abu-Salma and Oumar Diallo and Juliane Kr{\"a}mer and James Simmons and Justin Wu and Scott Ruoti", title = "User Perceptions of Security and Privacy for Group Chat", journal = j-DTRAP, volume = "3", number = "2", pages = "15:1--15:29", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491265", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491265", abstract = "Secure messaging 
tools are an integral part of modern society. To understand users' security and privacy perceptions and requirements for secure group chat, we surveyed 996 respondents in the US and UK. Our results show that group chat presents important \ldots{}", acknowledgement = ack-nhfb, articleno = "15", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Sun:2022:CRV, author = "Sheng Sun", title = "A Chosen Random Value Attack on {WPA3 SAE} Authentication Protocol", journal = j-DTRAP, volume = "3", number = "2", pages = "16:1--16:8", month = jun, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3468526", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Sat Jul 30 07:34:14 MDT 2022", bibsource = "http://www.math.utah.edu/pub/tex/bib/cryptography2020.bib; http://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3468526", abstract = "Simultaneous Authentication of Equals (SAE) is a password-authenticated key exchange protocol that is designed to replace the WPA2-PSK-based authentication. The SAE authenticated key exchange protocol supports the peer-to-peer authentication and is one of the major authentication mechanisms of the Authentication and Key Management Suite specified within Wi-Fi. The SAE authenticated key exchange protocol has been widely implemented in today's Wi-Fi devices as part of major security feature upgrades and is regarded as the third generation of Wi-Fi Protected Access. This article presents a way of attacking the weaker randomness generation algorithm within the SAE protocols, which can lead to successful impersonation types of attacks. We also suggest some protocol amendments for protection.
It is recommended that SAE implementations should be upgraded to ensure protection against these attacks.", acknowledgement = ack-nhfb, articleno = "16", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Husak:2022:HIA, author = "Martin Hus{\'a}k and Martin Lastovicka and Tom{\'a}s Plesn{\'\i}k", title = "Handling {Internet} Activism During the {Russian} Invasion of {Ukraine}: a Campus Network Perspective", journal = j-DTRAP, volume = "3", number = "3", pages = "17:1--17:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3534566", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3534566", abstract = "The Russian invasion of Ukraine in 2022 raised an enormous wave of Internet activism and distributed denial-of-service (DDoS) attacks launched with the help of common users across the world. 
In this article, we describe the events of the first days after \ldots{}", acknowledgement = ack-nhfb, articleno = "17", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Desidera:2022:ISI, author = "Lucimara Desider{\'a} and Jeroen van der Ham", title = "Introduction to the Special Issue on the {2020 FIRST Conference}", journal = j-DTRAP, volume = "3", number = "3", pages = "18:1--18:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3549069", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3549069", acknowledgement = ack-nhfb, articleno = "18", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Dulaunoy:2022:APC, author = "Alexandre Dulaunoy and Jean-Louis Huynen and Aurelien Thirion", title = "Active and Passive Collection of {SSH} Key Material for Cyber Threat Intelligence", journal = j-DTRAP, volume = "3", number = "3", pages = "19:1--19:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491262", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491262", abstract = "This article describes a system for storing historical forensic artifacts collected from SSH connections. 
This system exposes a REST API in a similar fashion as passive DNS databases, malware hash registries, and SSL notaries with the goal of supporting \ldots{}", acknowledgement = ack-nhfb, articleno = "19", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Chen:2022:BML, author = "Chung-Kuan Chen and Si-Chen Lin and Szu-Chun Huang and Yung-Tien Chu and Chin-Laung Lei and Chun-Ying Huang", title = "Building Machine Learning-based Threat Hunting System from Scratch", journal = j-DTRAP, volume = "3", number = "3", pages = "20:1--20:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491260", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491260", abstract = "Machine learning has been widely used for solving challenging problems in diverse areas. 
However, to the best of our knowledge, seldom literature has discussed in-depth how machine learning approaches can be used effectively to ``hunt'' (identify) threats, \ldots{}", acknowledgement = ack-nhfb, articleno = "20", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Wala:2022:LUD, author = "Fatema Bannat Wala and Chase Cotton", title = "{``Off-Label''} Use of {DNS}", journal = j-DTRAP, volume = "3", number = "3", pages = "21:1--21:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491261", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491261", abstract = "The Domain Name System (DNS) is known to be one of the most widely abused protocols by threat actors to use in unconventional ways to hide under normal traffic. Apart from threat actors, DNS is being actively used or rather misused by many other service \ldots{}", acknowledgement = ack-nhfb, articleno = "21", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Sacher-Boldewin:2022:IPL, author = "Desiree Sacher-Boldewin and Eireann Leverett", title = "The Intelligent Process Lifecycle of Active Cyber Defenders", journal = j-DTRAP, volume = "3", number = "3", pages = "22:1--22:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3499427", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3499427", abstract = "``There are a thousand hacking at the branches of evil to one who is striking at the root.'' Henry David Thoreau Successful information security requires careful application of tools 
to goals. The tools must be well used and well configured and require \ldots{}", acknowledgement = ack-nhfb, articleno = "22", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bajic:2022:FND, author = "Mila Baji{\'c} and Andrej Petrovski and Bojan Perkov", title = "Field Note on Doing Digital Rights: {Central and Southeast Europe Monitoring Project}", journal = j-DTRAP, volume = "3", number = "3", pages = "23:1--23:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3513024", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3513024", abstract = "This field note presents a look at the SHARE Monitoring project, which collects and classifies digital rights violations in Southeast Europe. Emerging threats in the digital environment have exponentially grown in the past year due to the COVID-19 \ldots{}", acknowledgement = ack-nhfb, articleno = "23", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Kaptchuk:2022:ISI, author = "Gabriel Kaptchuk and Fabio Massacci and Sara Nieves Matheu Garcia and Elissa M. 
Redmiles", title = "Introduction to the Special Issue on Security and Privacy for {COVID-19}", journal = j-DTRAP, volume = "3", number = "3", pages = "24:1--24:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3549070", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3549070", acknowledgement = ack-nhfb, articleno = "24", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Simko:2022:CCT, author = "Lucy Simko and Jack Chang and Maggie Jiang and Ryan Calo and Franziska Roesner and Tadayoshi Kohno", title = "{COVID-19} Contact Tracing and Privacy: a Longitudinal Study of Public Opinion", journal = j-DTRAP, volume = "3", number = "3", pages = "25:1--25:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480464", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480464", abstract = "There is growing use of technology-enabled contact tracing, the process of identifying potentially infected COVID-19 patients by notifying all recent contacts of an infected person. 
Governments, technology companies, and research groups alike have been \ldots{}", acknowledgement = ack-nhfb, articleno = "25", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Stojkovski:2022:UOD, author = "Borce Stojkovski and Ruba Abu-Salma and Karen Triquet and Gabriele Lenzini", title = "{``Unless One Does the Research, It May Seem as Just a Useless Battery-consuming App''} --- Field Notes on {COVID-19} Contact Tracing Applications", journal = j-DTRAP, volume = "3", number = "3", pages = "26:1--26:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480466", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480466", abstract = "Globally, countries have been developing contact tracing applications to control the spread of the coronavirus (COVID-19) disease. In this work, we present the findings of eight focus groups we conducted with participants living in France and Germany, to \ldots{}", acknowledgement = ack-nhfb, articleno = "26", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Kaptchuk:2022:HGG, author = "Gabriel Kaptchuk and Daniel G. Goldstein and Eszter Hargittai and Jake M. Hofman and Elissa M. Redmiles", title = "How Good is Good Enough? 
{Quantifying} the Impact of Benefits, Accuracy, and Privacy on Willingness to Adopt {COVID-19} Decision Aids", journal = j-DTRAP, volume = "3", number = "3", pages = "27:1--27:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3488307", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3488307", abstract = "An increasing number of data-driven decision aids are being developed to provide humans with advice to improve decision-making around important issues such as personal health and criminal justice. For algorithmic systems to support human decision-making \ldots{}", acknowledgement = ack-nhfb, articleno = "27", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Boutet:2022:DLB, author = "Antoine Boutet and Claude Castelluccia and Mathieu Cunche and C{\'e}dric Lauradou and Vincent Roca and Adrien Baud and Pierre-Guillaume Raverdy", title = "Desire: Leveraging the Best of Centralized and Decentralized Contact Tracing Systems", journal = j-DTRAP, volume = "3", number = "3", pages = "28:1--28:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480467", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480467", abstract = "Contact tracing in case of pandemic is becoming an essential mitigation tool for national health services to break infection chains and prevent the virus from spreading further. 
To support manual tracing, several countries have been developing contact \ldots{}", acknowledgement = ack-nhfb, articleno = "28", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Vaudenay:2022:SPG, author = "Serge Vaudenay and Martin Vuagnoux", title = "{SwissCovid} in the Perspective of Its Goals", journal = j-DTRAP, volume = "3", number = "3", pages = "29:1--29:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480465", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480465", abstract = "SwissCovid is the Swiss digital contact tracing app, which was deployed to help fighting against the COVID-19 pandemic. After a year of activity, it is high time to evaluate how effective it has been in its mission. At the highest peak, about 22\% of the \ldots{}", acknowledgement = ack-nhfb, articleno = "29", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hussain:2022:EVD, author = "Shehzeen Hussain and Paarth Neekhara and Brian Dolhansky and Joanna Bitton and Cristian Canton Ferrer and Julian McAuley and Farinaz Koushanfar", title = "Exposing Vulnerabilities of Deepfake Detection Systems with Robust Attacks", journal = j-DTRAP, volume = "3", number = "3", pages = "30:1--30:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3464307", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3464307", abstract = "Recent advances in video manipulation techniques have made the generation of fake videos more accessible than ever before. 
Manipulated videos can fuel disinformation and reduce trust in media. Therefore detection of fake videos has garnered immense \ldots{}", acknowledgement = ack-nhfb, articleno = "30", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Apruzzese:2022:MRA, author = "Giovanni Apruzzese and Mauro Andreolini and Luca Ferretti and Mirco Marchetti and Michele Colajanni", title = "Modeling Realistic Adversarial Attacks against Network Intrusion Detection Systems", journal = j-DTRAP, volume = "3", number = "3", pages = "31:1--31:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3469659", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3469659", abstract = "The incremental diffusion of machine learning algorithms in supporting cybersecurity is creating novel defensive opportunities but also new types of risks. 
Multiple researches have shown that machine learning methods are vulnerable to adversarial attacks \ldots{}", acknowledgement = ack-nhfb, articleno = "31", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Jelesnianski:2022:SSR, author = "Christopher Jelesnianski and Jinwoo Yom and Changwoo Min and Yeongjin Jang", title = "Securely Sharing Randomized Code That Flies", journal = j-DTRAP, volume = "3", number = "3", pages = "32:1--32:??", month = sep, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3474558", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:20 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3474558", abstract = "Address space layout randomization was a great role model, being a light-weight defense technique that could prevent early return-oriented programming attacks. Simple yet effective, address space layout randomization was quickly widely adopted. Conversely,. 
\ldots{}", acknowledgement = ack-nhfb, articleno = "32", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Shomo:2022:ISI, author = "Paul Shomo and Sebastian Echeverria and Jesse Sowell", title = "Introduction to the Special Issue on the Lifecycle of {IoT} (In)security", journal = j-DTRAP, volume = "3", number = "4", pages = "33:1--33:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3569901", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3569901", acknowledgement = ack-nhfb, articleno = "33", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Axon:2022:ECC, author = "Louise Axon and Katherine Fletcher and Arianna Schuler Scott and Marcel Stolz and Robert Hannigan and Ali {El Kaafarani} and Michael Goldsmith and Sadie Creese", title = "Emerging Cybersecurity Capability Gaps in the {Industrial Internet of Things}: Overview and Research Agenda", journal = j-DTRAP, volume = "3", number = "4", pages = "34:1--34:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3503920", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3503920", abstract = "Internet of Things (IoT)-enabled devices are becoming integrated into a significant and increasing proportion of critical infrastructures, changing the cybersecurity-risk landscape. 
Risk is being introduced to industry sectors such as transport, energy, \ldots{}", acknowledgement = ack-nhfb, articleno = "34", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Madani:2022:RMT, author = "Pooria Madani and Natalija Vlajic and Ivo Maljevic", title = "Randomized Moving Target Approach for {MAC-Layer} Spoofing Detection and Prevention in {IoT} Systems", journal = j-DTRAP, volume = "3", number = "4", pages = "35:1--35:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3477403", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3477403", abstract = "MAC-layer spoofing, also known as identity spoofing, is recognized as a serious problem in many practical wireless systems. IoT systems are particularly vulnerable to this type of attack as IoT devices (due to their various limitations) are often \ldots{}", acknowledgement = ack-nhfb, articleno = "35", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Mozurkewich:2022:FNI, author = "Karl Mozurkewich", title = "Field Note on {IoT} Security: Novel {JIT} Security for Large-Scale Heterogeneous {IoT} Deployments", journal = j-DTRAP, volume = "3", number = "4", pages = "36:1--36:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3503919", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3503919", abstract = "This article provides an overview of specific security considerations for multi-modal Internet-of-Things (IoT) use-case deployment.
With the year-over-year exponential increase in smart device deployments, threat vectors continue to fall into a concise list \ldots{}", acknowledgement = ack-nhfb, articleno = "36", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Massacci:2022:ISI, author = "Fabio Massacci and Nick Nikiforakis and Ivan Pashchenko and Antonino Sabetta and Victoria Wang", title = "Introduction to the Special Issue on Vulnerabilities", journal = j-DTRAP, volume = "3", number = "4", pages = "37:1--37:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3580605", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3580605", acknowledgement = ack-nhfb, articleno = "37", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Dusing:2022:ADT, author = "Johannes D{\"u}sing and Ben Hermann", title = "Analyzing the Direct and Transitive Impact of Vulnerabilities onto Different Artifact Repositories", journal = j-DTRAP, volume = "3", number = "4", pages = "38:1--38:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3472811", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3472811", abstract = "In modern-day software development, a vast amount of public software libraries enable the reuse of existing implementations for reoccurring tasks and common problems.
While this practice does yield significant benefits in productivity, it also puts an \ldots{}", acknowledgement = ack-nhfb, articleno = "38", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Householder:2022:WSJ, author = "Allen D. Householder and Jonathan Spring", title = "Are We Skillful or Just Lucky? {Interpreting} the Possible Histories of Vulnerability Disclosures", journal = j-DTRAP, volume = "3", number = "4", pages = "39:1--39:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3477431", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3477431", abstract = "Coordinated Vulnerability Disclosure (CVD) stands as a consensus response to the persistent fact of vulnerable software, yet few performance indicators have been proposed to measure its efficacy at the broadest scales. In this article, we seek to fill \ldots{}", acknowledgement = ack-nhfb, articleno = "39", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Jarvis:2022:VED, author = "Paul-David Jarvis and Amalia Damianou and Cosmin Ciobanu and Vasilis Katos", title = "Vulnerability Exposure Driven Intelligence in Smart, Circular Cities", journal = j-DTRAP, volume = "3", number = "4", pages = "40:1--40:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3487059", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3487059", abstract = "In this article, we study the vulnerability management dimension in smart city initiatives. 
As many cities across the globe invest a considerable amount of effort, resources and budget to modernise their infrastructure by deploying a series of \ldots{}", acknowledgement = ack-nhfb, articleno = "40", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Li:2022:SPH, author = "Ming Li and Peter Hawrylak and John Hale", title = "Strategies for Practical Hybrid Attack Graph Generation and Analysis", journal = j-DTRAP, volume = "3", number = "4", pages = "41:1--41:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3491257", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491257", abstract = "As an analytical tool in cyber-security, an attack graph (AG) is capable of discovering multi-stage attack vectors on target computer networks. Cyber-physical systems (CPSs) comprise a special type of network that not only contains computing devices but \ldots{}", acknowledgement = ack-nhfb, articleno = "41", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Leverett:2022:VFT, author = "{\'E}ireann Leverett and Matilda Rhode and Adam Wedgbury", title = "Vulnerability Forecasting: Theory and Practice", journal = j-DTRAP, volume = "3", number = "4", pages = "42:1--42:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3492328", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3492328", abstract = "It is possible to forecast the volume of CVEs released within a time frame with a given prediction interval. 
For example, the number of CVEs published between now and a year from now can be forecast within 8\% of the actual value. Different predictive \ldots{}", acknowledgement = ack-nhfb, articleno = "42", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Liu:2022:RAF, author = "Jinxin Liu and Murat Simsek and Burak Kantarci and Melike Erol-Kantarci and Andrew Malton and Andrew Walenstein", title = "Risk-aware Fine-grained Access Control in Cyber-physical Contexts", journal = j-DTRAP, volume = "3", number = "4", pages = "43:1--43:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3480468", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3480468", abstract = "Access to resources by users may need to be granted only upon certain conditions and contexts, perhaps particularly in cyber-physical settings. Unfortunately, creating and modifying context-sensitive access control solutions in dynamic environments \ldots{}", acknowledgement = ack-nhfb, articleno = "43", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Zibak:2022:TIQ, author = "Adam Zibak and Clemens Sauerwein and Andrew C.
Simpson", title = "Threat Intelligence Quality Dimensions for Research and Practice", journal = j-DTRAP, volume = "3", number = "4", pages = "44:1--44:??", month = dec, year = "2022", CODEN = "????", DOI = "https://doi.org/10.1145/3484202", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:22 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3484202", abstract = "As the adoption and diversity of threat intelligence solutions continue to grow, questions about their effectiveness, particularly in regards to the quality of the data they provide, remain unanswered. Several studies have highlighted data quality issues \ldots{}", acknowledgement = ack-nhfb, articleno = "44", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Howland:2023:CUB, author = "Henry Howland", title = "{CVSS}: Ubiquitous and Broken", journal = j-DTRAP, volume = "4", number = "1", pages = "1:1--1:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3491263", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491263", abstract = "The Common Vulnerability Scoring System is at the core of vulnerability management for systems of private corporations to highly classified government networks, allowing organizations to prioritize remediation in descending order of risk. 
With a lack of \ldots{}", acknowledgement = ack-nhfb, articleno = "1", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Sanchez:2023:DAB, author = "Ricardo Alejandro Manzano Sanchez and Kshirasagar Naik and Abdurhman Albasir and Marzia Zaman and Nishith Goel", title = "Detection of Anomalous Behavior of Smartphone Devices using Changepoint Analysis and Machine Learning Techniques", journal = j-DTRAP, volume = "4", number = "1", pages = "2:1--2:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3492327", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3492327", abstract = "Detecting anomalous behavior on smartphones is challenging since malware evolution. Other methodologies detect malicious behavior by analyzing static features of the application code or dynamic data samples obtained from hardware or software. Static \ldots{}", acknowledgement = ack-nhfb, articleno = "2", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Shobiri:2023:CDS, author = "Behnam Shobiri and Mohammad Mannan and Amr Youssef", title = "{CDNs}' Dark Side: Security Problems in {CDN}-to-Origin Connections", journal = j-DTRAP, volume = "4", number = "1", pages = "3:1--3:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3499428", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3499428", abstract = "Content Delivery Networks (CDNs) play a vital role in today's Internet ecosystem. 
To reduce the latency of loading a website's content, CDNs deploy edge servers in different geographic locations. CDN providers also offer important security features \ldots{}", acknowledgement = ack-nhfb, articleno = "3", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Xiao:2023:IEF, author = "Ya Xiao and Yang Zhao and Nicholas Allen and Nathan Keynes and Danfeng (Daphne) Yao and Cristina Cifuentes", title = "Industrial Experience of Finding Cryptographic Vulnerabilities in Large-scale Codebases", journal = j-DTRAP, volume = "4", number = "1", pages = "4:1--4:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3507682", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3507682", abstract = "Enterprise environment often screens large-scale (millions of lines of code) codebases with static analysis tools to find bugs and vulnerabilities. 
Parfait is a static code analysis tool used in Oracle to find security vulnerabilities in industrial \ldots{}", acknowledgement = ack-nhfb, articleno = "4", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Carna:2023:FHH, author = "Stefano Carn{\`a} and Serena Ferracci and Francesco Quaglia and Alessandro Pellegrini", title = "Fight Hardware with Hardware: Systemwide Detection and Mitigation of Side-channel Attacks Using Performance Counters", journal = j-DTRAP, volume = "4", number = "1", pages = "5:1--5:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3519601", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3519601", abstract = "We present a kernel-level infrastructure that allows systemwide detection of malicious applications attempting to exploit cache-based side-channel attacks to break the process confinement enforced by standard operating systems. This infrastructure relies \ldots{}", acknowledgement = ack-nhfb, articleno = "5", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Eren:2023:GPU, author = "Maksim E. Eren and Juston S. Moore and Erik Skau and Elisabeth Moore and Manish Bhattarai and Gopinath Chennupati and Boian S. 
Alexandrov", title = "General-purpose Unsupervised Cyber Anomaly Detection via Non-negative Tensor Factorization", journal = j-DTRAP, volume = "4", number = "1", pages = "6:1--6:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3519602", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3519602", abstract = "Distinguishing malicious anomalous activities from unusual but benign activities is a fundamental challenge for cyber defenders. Prior studies have shown that statistical user behavior analysis yields accurate detections by learning behavior profiles from \ldots{}", acknowledgement = ack-nhfb, articleno = "6", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Georgoulias:2023:CVC, author = "Dimitrios Georgoulias and Jens Myrup Pedersen and Morten Falch and Emmanouil Vasilomanolakis", title = "{COVID-19} Vaccination Certificates in the {Darkweb}", journal = j-DTRAP, volume = "4", number = "1", pages = "7:1--7:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3530877", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3530877", abstract = "COVID-19 vaccines have been rolled out in many countries and with them a number of vaccination certificates. 
For instance, the EU is utilizing a digital certificate in the form of a QR-code that is digitally signed and can be easily validated throughout \ldots{}", acknowledgement = ack-nhfb, articleno = "7", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Apruzzese:2023:RML, author = "Giovanni Apruzzese and Pavel Laskov and Edgardo {Montes de Oca} and Wissam Mallouli and Luis {B{\'u}rdalo Rapa} and Athanasios Vasileios Grammatopoulos and Fabio {Di Franco}", title = "The Role of Machine Learning in Cybersecurity", journal = j-DTRAP, volume = "4", number = "1", pages = "8:1--8:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3545574", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3545574", abstract = "Machine Learning (ML) represents a pivotal technology for current and future information systems, and many domains already leverage the capabilities of ML.
However, deployment of ML in cybersecurity is still at an early stage, revealing a significant \ldots{}", acknowledgement = ack-nhfb, articleno = "8", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Ren:2023:SAZ, author = "Mengfei Ren and Xiaolei Ren and Huadong Feng and Jiang Ming and Yu Lei", title = "Security Analysis of {Zigbee} Protocol Implementation via Device-agnostic Fuzzing", journal = j-DTRAP, volume = "4", number = "1", pages = "9:1--9:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3551894", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3551894", abstract = "Zigbee is widely adopted as a resource-efficient wireless protocol in the IoT network. IoT devices from manufacturers have recently been affected due to major vulnerabilities in Zigbee protocol implementations. Security testing of Zigbee protocol \ldots{}", acknowledgement = ack-nhfb, articleno = "9", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Rondon:2023:LSE, author = "Luis Puche Rondon and Leonardo Babun and Ahmet Aris and Kemal Akkaya and A. 
Selcuk Uluagac", title = "{LGuard}: Securing {Enterprise-IoT} Systems against Serial-Based Attacks via Proprietary Communication Buses", journal = j-DTRAP, volume = "4", number = "1", pages = "10:1--10:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3555721", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3555721", abstract = "Enterprise Internet of Things (E-IoT) systems allow users to control audio, video, scheduled events, lightning fixtures, door access, and relays in complex smart installations. These systems are widely used in government or smart private offices, smart \ldots{}", acknowledgement = ack-nhfb, articleno = "10", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Mahmoud:2023:ADA, author = "Moustafa Mahmoud and Mohammad Mannan and Amr Youssef", title = "{APTHunter}: Detecting Advanced Persistent Threats in Early Stages", journal = j-DTRAP, volume = "4", number = "1", pages = "11:1--11:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3559768", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3559768", abstract = "We propose APTHunter, a system for prompt detection of Advanced and Persistent Threats (APTs) in early stages. 
We provide an approach for representing the indicators of compromise that appear in the cyber threat intelligence reports and the relationships \ldots{}", acknowledgement = ack-nhfb, articleno = "11", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Landauer:2023:AML, author = "Max Landauer and Markus Wurzenberger and Florian Skopik and Wolfgang Hotwagner and Georg H{\"o}ld", title = "{AMiner}: a Modular Log Data Analysis Pipeline for Anomaly-based Intrusion Detection", journal = j-DTRAP, volume = "4", number = "1", pages = "12:1--12:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3567675", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3567675", abstract = "Cyber attacks are omnipresent and their rapid detection is crucial for system security. Signature-based intrusion detection monitors systems for attack indicators and plays an important role in recognizing and preventing such attacks. 
Unfortunately, it is \ldots{}", acknowledgement = ack-nhfb, articleno = "12", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Kumar:2023:ISD, author = "Saurabh Kumar and Debadatta Mishra and Biswabandan Panda and Sandeep Kumar Shukla", title = "{InviSeal}: a Stealthy Dynamic Analysis Framework for {Android} Systems", journal = j-DTRAP, volume = "4", number = "1", pages = "13:1--13:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3567599", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3567599", abstract = "With wide adaptation of open-source Android into mobile devices by different device vendors, sophisticated malware are developed to exploit security vulnerabilities. As comprehensive security analysis on physical devices are impractical and costly, \ldots{}", acknowledgement = ack-nhfb, articleno = "13", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Staves:2023:AAC, author = "Alexander Staves and Antonios Gouglidis and David Hutchison", title = "An Analysis of Adversary-Centric Security Testing within Information and Operational Technology Environments", journal = j-DTRAP, volume = "4", number = "1", pages = "14:1--14:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3569958", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3569958", abstract = "Assurance techniques such as adversary-centric security testing are an essential part of the risk assessment process for improving risk mitigation and response capabilities against cyber 
attacks. While the use of these techniques, including vulnerability \ldots{}", acknowledgement = ack-nhfb, articleno = "14", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Levine:2023:ZTA, author = "Alan Levine and Brett Alan Tucker", title = "Zero Trust Architecture: Risk Discussion", journal = j-DTRAP, volume = "4", number = "1", pages = "15:1--15:??", month = mar, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3573892", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:23 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3573892", acknowledgement = ack-nhfb, articleno = "15", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Aysu:2023:ISI, author = "Aydin Aysu and Scott R. Graham", title = "Introduction to the Special Issue on the Digital Threats of Hardware Security", journal = j-DTRAP, volume = "4", number = "2", pages = "16:1--16:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3585011", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3585011", acknowledgement = ack-nhfb, articleno = "16", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Langehaug:2023:CCR, author = "Tor Langehaug and Brett Borghetti and Scott Graham", title = "Classifying Co-resident Computer Programs Using Information Revealed by Resource Contention", journal = j-DTRAP, volume = "4", number = "2", pages = "17:1--17:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3464306", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = 
"2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3464306", abstract = "Modern computer architectures are complex, containing numerous components that can unintentionally reveal system operating properties. Defensive security professionals seek to minimize this kind of exposure while adversaries can leverage the data to \ldots{}", acknowledgement = ack-nhfb, articleno = "17", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Morel:2023:CPM, author = "Lionel Morel and Damien Courouss{\'e} and Thomas Hiscock", title = "Code Polymorphism Meets Code Encryption: Confidentiality and Side-channel Protection of Software Components", journal = j-DTRAP, volume = "4", number = "2", pages = "18:1--18:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3487058", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3487058", abstract = "In this article, we consider that, in practice, attack scenarios involving side-channel analysis combine two successive phases: an analysis phase, targeting the extraction of information about the target and the identification of possible vulnerabilities, \ldots{}", acknowledgement = ack-nhfb, articleno = "18", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Lounis:2023:LLA, author = "Karim Lounis and Mohammad Zulkernine", title = "Lessons Learned: Analysis of {PUF}-based Authentication Protocols for {IoT}", journal = j-DTRAP, volume = "4", number = "2", pages = "19:1--19:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3487060", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L 
= "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3487060", abstract = "The service of authentication constitutes the spine of all security properties. It is the phase where entities prove their identities to each other and generally establish and derive cryptographic keys to provide confidentiality, data integrity, non-. \ldots{}", acknowledgement = ack-nhfb, articleno = "19", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Vaidya:2023:SIA, author = "Girish Vaidya and T. V. Prabhakar and Nithish Gnani and Ryan Shah and Shishir Nagaraja", title = "Sensor Identification via Acoustic Physically Unclonable Function", journal = j-DTRAP, volume = "4", number = "2", pages = "20:1--20:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3488306", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3488306", abstract = "The traceability of components on a supply chain from a production facility to deployment and maintenance depends upon its irrefutable identity. 
There are two well-known identification methods: an identity code stored in the memory and embedding custom \ldots{}", acknowledgement = ack-nhfb, articleno = "20", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Chen:2023:GGA, author = "Huili Chen and Cheng Fu and Jishen Zhao and Farinaz Koushanfar", title = "{GALU}: a Genetic Algorithm Framework for Logic Unlocking", journal = j-DTRAP, volume = "4", number = "2", pages = "21:1--21:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3491256", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491256", abstract = "Logic locking is a circuit obfuscation technique that inserts additional key gates to the original circuit in order to prevent potential threats such as circuit overproduction, piracy, and counterfeiting. The encrypted circuit generates desired outputs \ldots{}", acknowledgement = ack-nhfb, articleno = "21", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Albasir:2023:TIS, author = "Abdurhman Albasir and Kshirasagar Naik and Ricardo Manzano", title = "Toward Improving the Security of {IoT} and {CPS} Devices: an {AI} Approach", journal = j-DTRAP, volume = "4", number = "2", pages = "22:1--22:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3497862", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3497862", abstract = "Detecting anomalously behaving devices in security-and-safety-critical applications is an important challenge. 
This article presents an off-device methodology for detecting the anomalous behavior of devices considering their power consumption data. The \ldots{}", acknowledgement = ack-nhfb, articleno = "22", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Iyengar:2023:SIA, author = "S. S. Iyengar and Bhavani Thuraisingham and Marek Zmuda", title = "Special Issue on Actionable Information for Digital Threat Discovery Using Contextualized Data or Multi Sensor Data Fusion", journal = j-DTRAP, volume = "4", number = "2", pages = "23:1--23:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3585079", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3585079", acknowledgement = ack-nhfb, articleno = "23", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Oakley:2023:SSA, author = "Jonathan Oakley and Carl Worley and Lu Yu and Richard R. Brooks and Ilker {\"O}z{\c{c}}elik and Anthony Skjellum and Jihad S. Obeid", title = "{Scrybe}: a Secure Audit Trail for Clinical Trial Data Fusion", journal = j-DTRAP, volume = "4", number = "2", pages = "24:1--24:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3491258", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491258", abstract = "Clinical trials are a multi-billion-dollar industry. One of the biggest challenges facing the clinical trial research community is satisfying Part 11 of Title 21 of the Code of Federal Regulations [ 7 ] and ISO 27789 [ 40 ]. 
These controls provide audit \ldots{}", acknowledgement = ack-nhfb, articleno = "24", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Sengupta:2023:BBP, author = "Poushali Sengupta and Sudipta Paul and Subhankar Mishra", title = "{BUDS+}: Better Privacy with Converger and Noisy Shuffling", journal = j-DTRAP, volume = "4", number = "2", pages = "25:1--25:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3491259", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3491259", abstract = "Advancements in machine learning and data science deal with the collection of a tremendous amount of data for research and analysis, following which there is a growing awareness among a large number of users about their sensitive data, and hence privacy \ldots{}", acknowledgement = ack-nhfb, articleno = "25", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Casino:2023:ACV, author = "Fran Casino and Nikolaos Totosis and Theodoros Apostolopoulos and Nikolaos Lykousas and Constantinos Patsakis", title = "Analysis and Correlation of Visual Evidence in Campaigns of Malicious {Office} Documents", journal = j-DTRAP, volume = "4", number = "2", pages = "26:1--26:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3513025", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3513025", abstract = "Many malware campaigns use Microsoft (MS) Office documents as droppers to download and execute their malicious payload. 
Such campaigns often use these documents because MS Office is installed on billions of devices and that these files allow the execution \ldots{}", acknowledgement = ack-nhfb, articleno = "26", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bridges:2023:BHE, author = "Robert A. Bridges and Sean Oesch and Michael D. Iannacone and Kelly M. T. Huffer and Brian Jewell and Jeff A. Nichols and Brian Weber and Miki E. Verma and Daniel Scofield and Craig Miles and Thomas Plummer and Mark Daniell and Anne M. Tall and Justin M. Beaver and Jared M. Smith", title = "Beyond the Hype: an Evaluation of Commercially Available Machine Learning-based Malware Detectors", journal = j-DTRAP, volume = "4", number = "2", pages = "27:1--27:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3567432", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3567432", abstract = "There is a lack of scientific testing of commercially available malware detectors, especially those that boast accurate classification of never-before-seen (i.e., zero-day) files using machine learning (ML). 
Consequently, efficacy of malware detectors is \ldots{}", acknowledgement = ack-nhfb, articleno = "27", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bhowmick:2023:BCS, author = "Rajat Subhra Bhowmick and Rahul Indra and Isha Ganguli and Jayanta Paul and Jaya Sil", title = "Breaking {Captcha} System with Minimal Exertion through Deep Learning: Real-time Risk Assessment on {Indian} Government {Websites}", journal = j-DTRAP, volume = "4", number = "2", pages = "28:1--28:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3584974", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3584974", abstract = "Captchas are used to prevent computer bots from launching spam attacks and automatically extracting data available in the websites. 
The government websites mostly contain sensitive data related to citizens and assets of the country, and the vulnerability \ldots{}", acknowledgement = ack-nhfb, articleno = "28", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Walshe:2023:TGU, author = "Thomas Walshe and Andrew Simpson", title = "Towards a Greater Understanding of Coordinated Vulnerability Disclosure Policy Documents", journal = j-DTRAP, volume = "4", number = "2", pages = "29:1--29:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3586180", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3586180", abstract = "Bug bounty programmes and vulnerability disclosure programmes, collectively referred to as Coordinated Vulnerability Disclosure (CVD) programmes, open up an organisation's assets to the inquisitive gaze of (often eager) white-hat hackers. 
Motivated by the \ldots{}", acknowledgement = ack-nhfb, articleno = "29", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Graux:2023:ORO, author = "Pierre Graux and Jean-Fran{\c{c}}ois Lalande and Val{\'e}rie Viet Triem Tong and Pierre Wilke", title = "{OATs'inside}: Retrieving Object Behaviors From Native-based Obfuscated {Android} Applications", journal = j-DTRAP, volume = "4", number = "2", pages = "30:1--30:??", month = jun, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3584975", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:24 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3584975", abstract = "Analyzing Android applications is essential to review proprietary code and to understand malware behaviors. However, Android applications use obfuscation techniques to slow down this process. 
These obfuscation techniques are increasingly based on native \ldots{}", acknowledgement = ack-nhfb, articleno = "30", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Dewald:2023:IIS, author = "Andreas Dewald and Thomas Schreck", title = "Introduction to the {IMF 2023} Special Issue", journal = j-DTRAP, volume = "4", number = "3", pages = "31:1--31:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3626105", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3626105", acknowledgement = ack-nhfb, articleno = "31", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hammer:2023:FCF, author = "Andreas Hammer and Mathis Ohlig and Julian Geus and Felix Freiling", title = "A Functional Classification of Forensic Access to Storage and its Legal Implications", journal = j-DTRAP, volume = "4", number = "3", pages = "32:1--32:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609231", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609231", abstract = "Due to their ease of use and their reliability, managed storage services in the cloud have become a standard way to store files for many users. 
Consequently, data from cloud storage services and remote file systems in general is an increasingly valuable \ldots{}", acknowledgement = ack-nhfb, articleno = "32", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Gruber:2023:FTE, author = "Jan Gruber and Merlin Humml", title = "A Formal Treatment of Expressiveness and Relevance of Digital Evidence", journal = j-DTRAP, volume = "4", number = "3", pages = "33:1--33:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3608485", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3608485", abstract = "Digital investigations are largely concerned with reconstructing past events based on traces in digital systems. Given their importance, many concepts have been established to describe their quality---most of them concerned with procedural aspects, i.e., \ldots{}", acknowledgement = ack-nhfb, articleno = "33", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Klier:2023:BFA, author = "Samantha Klier and Jan Varenkamp and Harald Baier", title = "Back and Forth---On Automatic Exposure of Origin and Dissemination of Files on {Windows}", journal = j-DTRAP, volume = "4", number = "3", pages = "34:1--34:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609232", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609232", abstract = "The number of Child Sexual Abuse Material (CSAM) cases has increased dramatically in recent years. 
This leads to the need to automate various steps in digital forensic processing, especially for CSAM investigations. For instance, if CSAM pictures are \ldots{}", acknowledgement = ack-nhfb, articleno = "34", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bajramovic:2023:LLA, author = "Edita Bajramovic and Christofer Fein and Marius Frinken and Paul R{\"o}sler and Felix Freiling", title = "{LAVA}: Log Authentication and Verification Algorithm", journal = j-DTRAP, volume = "4", number = "3", pages = "35:1--35:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609233", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609233", abstract = "Log files provide essential information regarding the actions of processes in critical computer systems. If an attacker modifies log entries, then critical digital evidence is lost. 
Therefore, many algorithms for secure logging have been devised, each \ldots{}", acknowledgement = ack-nhfb, articleno = "35", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hilbig:2023:STR, author = "Tobias Hilbig and Thomas Geras and Erwin Kupris and Thomas Schreck", title = "{\tt security.txt} Revisited: Analysis of Prevalence and Conformity in 2022", journal = j-DTRAP, volume = "4", number = "3", pages = "36:1--36:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609234", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609234", abstract = "Determining the correct contact person for a particular system or organization is challenging in today's Internet architecture. However, there are various stakeholders who will need to have such information, such as national security teams, security \ldots{}", acknowledgement = ack-nhfb, articleno = "36", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bausch:2023:FEC, author = "Florian Bausch and Andreas Dewald", title = "Forensic Examination of {Ceph}", journal = j-DTRAP, volume = "4", number = "3", pages = "37:1--37:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609862", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609862", abstract = "The concept of Software Defined Storage (SDS) has become very popular over the last few years. It is used in public, private, and hybrid clouds to store enterprise, private, and other kinds of data. 
Ceph is an open source software that implements an SDS \ldots{}", acknowledgement = ack-nhfb, articleno = "37", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Gobel:2023:DDF, author = "Thomas G{\"o}bel and Harald Baier and Frank Breitinger", title = "Data for Digital Forensics: Why a Discussion on {``How Realistic is Synthetic Data''} is Dispensable", journal = j-DTRAP, volume = "4", number = "3", pages = "38:1--38:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609863", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609863", abstract = "Digital forensics depends on data sets for various purposes like concept evaluation, educational training, and tool validation. Researchers have gathered such data sets into repositories and created data simulation frameworks for producing large amounts \ldots{}", acknowledgement = ack-nhfb, articleno = "38", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Botacin:2023:ISI, author = "Marcus Botacin and Uriel Kosayev and Ruimin Sun", title = "Introduction to the Special Issue on Memory-Based Malware and Other Unconventional Threats", journal = j-DTRAP, volume = "4", number = "3", pages = "39:1--39:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3627521", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3627521", acknowledgement = ack-nhfb, articleno = "39", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Rose:2023:IWN, author = 
"Anthony Rose and Scott Graham and Jacob Krasnov", title = "{IronNetInjector}: Weaponizing {.NET} Dynamic Language Runtime Engines", journal = j-DTRAP, volume = "4", number = "3", pages = "40:1--40:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3603506", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3603506", abstract = "As adversaries evolve their Tactics, Techniques, and Procedures (TTPs) to stay ahead of defenders, Microsoft's .NET Framework emerges as a common component found in the tradecraft of many contemporary Advanced Persistent Threats (APTs), whether through \ldots{}", acknowledgement = ack-nhfb, articleno = "40", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Boyarchuk:2023:KET, author = "Oleg Boyarchuk and Sebastiano Mariani and Stefano Ortolani and Giovanni Vigna", title = "Keeping Up with the Emotets: Tracking a Multi-infrastructure Botnet", journal = j-DTRAP, volume = "4", number = "3", pages = "41:1--41:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3594554", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3594554", abstract = "Throughout its eight-year history, Emotet has caused substantial damage. This threat reappeared at the beginning of 2022 following a take-down by law enforcement in November 2021. 
Emotet is arguably one of the most notorious advanced persistent threats, \ldots{}", acknowledgement = ack-nhfb, articleno = "41", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Srinivasa:2023:GCE, author = "Shreyas Srinivasa and Jens Myrup Pedersen and Emmanouil Vasilomanolakis", title = "Gotta Catch 'em All: a Multistage Framework for Honeypot Fingerprinting", journal = j-DTRAP, volume = "4", number = "3", pages = "42:1--42:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3584976", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3584976", abstract = "Honeypots are decoy systems that lure attackers by presenting them with a seemingly vulnerable system. They provide an early detection mechanism as well as a method for learning how adversaries work and think. However, over the past years, several \ldots{}", acknowledgement = ack-nhfb, articleno = "42", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Anand:2023:HED, author = "P. Mohan Anand and P. V. Sai Charan and Sandeep K. Shukla", title = "{HiPeR} --- Early Detection of a Ransomware Attack using Hardware Performance Counters", journal = j-DTRAP, volume = "4", number = "3", pages = "43:1--43:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3608484", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3608484", abstract = "Ransomware has been one of the most prevalent forms of malware over the previous decade, and it continues to be one of the most significant threats today. 
Recently, ransomware strategies such as double extortion and rapid encryption have encouraged \ldots{}", acknowledgement = ack-nhfb, articleno = "43", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Falduti:2023:MIR, author = "Mattia Falduti and Sergio Tessaris", title = "Mapping the Interdisciplinary Research on Non-consensual Pornography: Technical and Quantitative Perspectives", journal = j-DTRAP, volume = "4", number = "3", pages = "44:1--44:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3608483", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3608483", abstract = "The phenomenon of the non-consensual distribution of intimate or sexually explicit digital images of adults, a.k.a. non-consensual pornography (NCP) or revenge pornography, is under the spotlight for the toll it is taking on society. 
Law enforcement \ldots{}", acknowledgement = ack-nhfb, articleno = "44", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Kassim:2023:UHN, author = "Sharifah Roziah Binti Mohd Kassim and Shujun Li and Budi Arief", title = "Understanding How National {CSIRTs} Evaluate Cyber Incident Response Tools and Data: Findings from Focus Group Discussions", journal = j-DTRAP, volume = "4", number = "3", pages = "45:1--45:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3609230", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3609230", abstract = "National Computer Security Incident Response Teams (CSIRTs) have been established worldwide to coordinate responses to computer security incidents at the national level. While it is known that national CSIRTs routinely use different types of tools and \ldots{}", acknowledgement = ack-nhfb, articleno = "45", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Adane:2023:SHE, author = "Kibreab Adane and Berhanu Beyene and Mohammed Abebe", title = "Single and Hybrid-Ensemble Learning-Based Phishing {Website} Detection: Examining Impacts of Varied Nature Datasets and Informative Feature Selection Technique", journal = j-DTRAP, volume = "4", number = "3", pages = "46:1--46:??", month = sep, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3611392", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:25 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3611392", abstract = "To tackle issues associated with phishing website attacks, the study conducted rigorous experiments on RF, GB, and 
CATB classifiers. Since each classifier was an ensemble learner on their own; we integrated them into stacking and majority vote ensemble \ldots{}", acknowledgement = ack-nhfb, articleno = "46", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hueca:2023:ISI, author = "Angel Hueca and Sharon Mudd and Timothy Shimeall", title = "Introduction to the Special Issue on Information Sharing", journal = j-DTRAP, volume = "4", number = "4", pages = "47:1--47:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3635391", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3635391", acknowledgement = ack-nhfb, articleno = "47", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Husak:2023:LLA, author = "Martin Hus{\'a}k and Pavol Sokol and Martin Z{\'a}dn{\'\i}k and V{\'a}clav Bartos and Martin Hor{\'a}k", title = "Lessons Learned from Automated Sharing of Intrusion Detection Alerts: The Case of the {SABU} Platform", journal = j-DTRAP, volume = "4", number = "4", pages = "48:1--48:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3611391", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3611391", abstract = "Sharing the alerts from intrusion detection systems among multiple computer networks and organizations allows for seeing the ``big picture'' of the network security situation and improves the capabilities of cyber incident response. 
However, such a task \ldots{}", acknowledgement = ack-nhfb, articleno = "48", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Connolly:2023:DWM, author = "Kate Connolly and Anna Klempay and Mary McCann and Paul Brenner", title = "Dark {Web} Marketplaces: Data for Collaborative Threat Intelligence", journal = j-DTRAP, volume = "4", number = "4", pages = "49:1--49:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3615666", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3615666", abstract = "The dark web has become an increasingly important landscape for the sale of illicit cyber goods. Given the prevalence of malware and tools that are used to steal data from individuals on these markets, it is crucial that every company, governing body, and \ldots{}", acknowledgement = ack-nhfb, articleno = "49", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Xenakis:2023:SAS, author = "Antonios Xenakis and Sabrina Mamtaz Nourin and Zhiyuan Chen and George Karabatis and Ahmed Aleroud and Jhancy Amarsingh", title = "A Self-adaptive and Secure Approach to Share Network Trace Data", journal = j-DTRAP, volume = "4", number = "4", pages = "50:1--50:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3617181", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3617181", abstract = "A large volume of network trace data are collected by the government and public and private organizations and can be analyzed for various purposes such as resolving network problems, 
improving network performance, and understanding user behavior. However, \ldots{}", acknowledgement = ack-nhfb, articleno = "50", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Arief:2023:ISI, author = "Budi Arief and Lena Connolly and Julio Hernandez-Castro and Allan Liska and Peter Y. A. Ryan", title = "Introduction to the Special Issue on Ransomware", journal = j-DTRAP, volume = "4", number = "4", pages = "51:1--51:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3629999", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3629999", acknowledgement = ack-nhfb, articleno = "51", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Lang:2023:EMR, author = "Michael Lang and Lena Connolly and Paul Taylor and Phillip J. 
Corner", title = "The Evolving Menace of Ransomware: a Comparative Analysis of Pre-pandemic and Mid-pandemic Attacks", journal = j-DTRAP, volume = "4", number = "4", pages = "52:1--52:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3558006", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3558006", abstract = "Drawing upon direct interviews and secondary sources, this article presents a qualitative comparative analysis of 39 ransomware attacks, 26 of which occurred shortly before the outbreak of the COVID-19 pandemic and 13 of which took place during the \ldots{}", acknowledgement = ack-nhfb, articleno = "52", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Yilmaz:2023:PTR, author = "Yagiz Yilmaz and Orcun Cetin and Claudia Grigore and Budi Arief and Julio Hernandez-Castro", title = "Personality Types and Ransomware Victimisation", journal = j-DTRAP, volume = "4", number = "4", pages = "53:1--53:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3568994", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3568994", abstract = "Ransomware remains one of the most prevalent cyberthreats to individuals and businesses alike. 
Psychological techniques are often employed by attackers when infecting victims' devices with ransomware in an attempt to increase the likelihood of the victims \ldots{}", acknowledgement = ack-nhfb, articleno = "53", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Mundt:2023:TBS, author = "Michael Mundt and Harald Baier", title = "Threat-Based Simulation of Data Exfiltration Toward Mitigating Multiple Ransomware Extortions", journal = j-DTRAP, volume = "4", number = "4", pages = "54:1--54:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3568993", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3568993", abstract = "Network-based attacks and their mitigation are of increasing importance in our ever-connected world. Often network-based attacks address valuable data, which the attacker either encrypts to extort ransom or steals to make money reselling, or both. 
After \ldots{}", acknowledgement = ack-nhfb, articleno = "54", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Axon:2023:RPM, author = "Louise Axon and Arnau Erola and Ioannis Agrafiotis and Ganbayar Uuganbayar and Michael Goldsmith and Sadie Creese", title = "Ransomware as a Predator: Modelling the Systemic Risk to Prey", journal = j-DTRAP, volume = "4", number = "4", pages = "55:1--55:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3579648", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3579648", abstract = "The accelerated pace with which companies, governments, and institutions embrace digital transformation is creating opportunities for economic prosperity, but also increases the threat landscape. Recent orchestrated cyber-attacks have revealed the \ldots{}", acknowledgement = ack-nhfb, articleno = "55", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Cartwright:2023:ERA, author = "Anna Cartwright and Edward Cartwright", title = "The Economics of Ransomware Attacks on Integrated Supply Chain Networks", journal = j-DTRAP, volume = "4", number = "4", pages = "56:1--56:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3579647", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3579647", abstract = "We explore the economics of ransomware on production supply chains. Integrated supply chains result in a mutual-dependence between firms that can be exploited by cyber-criminals. 
For instance, we show that by targeting one firm in the network the \ldots{}", acknowledgement = ack-nhfb, articleno = "56", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Bajpai:2023:KTR, author = "Pranshu Bajpai and Richard Enbody", title = "Know Thy Ransomware Response: a Detailed Framework for Devising Effective Ransomware Response Strategies", journal = j-DTRAP, volume = "4", number = "4", pages = "57:1--57:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3606022", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3606022", abstract = "Ransomware has evolved into one of the most severe cyberthreats against private and public sectors alike. Organizations are inundated with a barrage of intrusion attempts that ultimately morph into full-scale ransomware attacks. Efforts to combat these \ldots{}", acknowledgement = ack-nhfb, articleno = "57", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{vanHove:2023:RTA, author = "Koen van Hove and Jeroen van der Ham-de Vos and Roland van Rijswijk-Deij", title = "{rpkiller}: Threat Analysis of the {BGP} Resource Public Key Infrastructure", journal = j-DTRAP, volume = "4", number = "4", pages = "58:1--58:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3617182", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3617182", abstract = "The Resource Public Key Infrastructure (RPKI) has been created to solve security shortcomings of the Border Gateway Protocol (BGP). 
This creates an infrastructure where resource holders (autonomous systems) can make attestations about their resources \ldots{}", acknowledgement = ack-nhfb, articleno = "58", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Allison:2023:GEI, author = "David Allison and Kieran McLaughlin and Paul Smith", title = "Goosewolf: an Embedded Intrusion Detection System for Advanced Programmable Logic Controllers", journal = j-DTRAP, volume = "4", number = "4", pages = "59:1--59:??", month = dec, year = "2023", CODEN = "????", DOI = "https://doi.org/10.1145/3617692", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:26 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3617692", abstract = "Critical infrastructures are making increasing use of digital technology for process control. While there are benefits, such as increased efficiency and new functionality, digitalization also introduces the risk of cyber-attacks to systems that support \ldots{}", acknowledgement = ack-nhfb, articleno = "59", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Samtani:2024:AML, author = "Sagar Samtani and Edward Raff and Hyrum Anderson", title = "Applied Machine Learning for Information Security", journal = j-DTRAP, volume = "5", number = "1", pages = "1:1--1:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3652029", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3652029", abstract = "Information security has undoubtedly become a critical aspect of modern cybersecurity practices. 
Over the past half-decade, numerous academic and industry groups have sought to develop machine learning, deep learning, and other areas of artificial \ldots{}", acknowledgement = ack-nhfb, articleno = "1", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Domschot:2024:IAL, author = "Eva Domschot and Ramyaa Ramyaa and Michael R. Smith", title = "Improving Automated Labeling for {ATT\&CK} Tactics in Malware Threat Reports", journal = j-DTRAP, volume = "5", number = "1", pages = "2:1--2:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3594553", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3594553", abstract = "Once novel malware is detected, threat reports are written by security companies that discover it. The reports often vary in the terminology describing the behavior of the malware making comparisons of reports of the same malware from different companies \ldots{}", acknowledgement = ack-nhfb, articleno = "2", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Pimenta:2024:ARC, author = "Thalita Scharr Rodrigues Pimenta and Fabricio Ceschin and Andre Gregio", title = "{ANDROIDGYNY}: Reviewing Clustering Techniques for {Android} Malware Family Classification", journal = j-DTRAP, volume = "5", number = "1", pages = "3:1--3:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3587471", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3587471", abstract = "Thousands of malicious applications (apps) are created daily, modified with the aid of 
automation tools, and released on the World Wide Web. Several techniques have been applied over the years to identify whether an APK is malicious or not. The use of \ldots{}", acknowledgement = ack-nhfb, articleno = "3", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Rudd:2024:EMA, author = "Ethan M. Rudd and David Krisiloff and Scott Coull and Daniel Olszewski and Edward Raff and James Holt", title = "Efficient Malware Analysis Using Metric Embeddings", journal = j-DTRAP, volume = "5", number = "1", pages = "4:1--4:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3615669", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3615669", abstract = "Real-world malware analysis consists of a complex pipeline of classifiers and data analysis---from detection to classification of capabilities to retrieval of unique training samples from user systems. In this article, we aim to reduce the complexity of \ldots{}", acknowledgement = ack-nhfb, articleno = "4", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hong:2024:TAD, author = "Andrew E. Hong and Peter P. Malinovsky and Suresh K. 
Damodaran", title = "Towards Attack Detection in Multimodal Cyber-Physical Systems with Sticky {HDP}-{HMM} based Time Series Analysis", journal = j-DTRAP, volume = "5", number = "1", pages = "5:1--5:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3604434", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3604434", abstract = "Automatic detection of the precise occurrence and duration of an attack reflected in time-series logs generated by cyber-physical systems is a challenging problem. This problem is exacerbated when performing this analysis using logs with limited system \ldots{}", acknowledgement = ack-nhfb, articleno = "5", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Taviss:2024:AEA, author = "Scarlett Taviss and Steven H. H. Ding and Mohammad Zulkernine and Philippe Charland and Sudipta Acharya", title = "{Asm2Seq}: Explainable Assembly Code Functional Summary Generation for Reverse Engineering and Vulnerability Analysis", journal = j-DTRAP, volume = "5", number = "1", pages = "6:1--6:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3592623", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3592623", abstract = "Reverse engineering is the process of understanding the inner working of a software system without having the source code. It is critical for firmware security validation, software vulnerability research, and malware analysis. 
However, it often requires a \ldots{}", acknowledgement = ack-nhfb, articleno = "6", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Gao:2024:EAP, author = "Yang Gao and Benjamin M. Ampel and Sagar Samtani", title = "Evading Anti-Phishing Models: a Field Note Documenting an Experience in the Machine Learning Security Evasion Competition 2022", journal = j-DTRAP, volume = "5", number = "1", pages = "7:1--7:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3603507", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3603507", abstract = "Although machine learning-based anti-phishing detectors have provided promising results in phishing website detection, they remain vulnerable to evasion attacks. The Machine Learning Security Evasion Competition 2022 (MLSEC 2022) provides researchers and \ldots{}", acknowledgement = ack-nhfb, articleno = "7", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Hemberg:2024:ETV, author = "Erik Hemberg and Matthew J. Turner and Nick Rutar and Una-May O'reilly", title = "Enhancements to Threat, Vulnerability, and Mitigation Knowledge for Cyber Analytics, Hunting, and Simulations", journal = j-DTRAP, volume = "5", number = "1", pages = "8:1--8:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3615668", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3615668", abstract = "Cross-linked threat, vulnerability, and defensive mitigation knowledge is critical in defending against diverse and dynamic cyber threats. 
Cyber analysts consult it by deductively or inductively creating a chain of reasoning to identify a threat starting \ldots{}", acknowledgement = ack-nhfb, articleno = "8", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Ceschin:2024:MLS, author = "Fabr{\'\i}cio Ceschin and Marcus Botacin and Albert Bifet and Bernhard Pfahringer and Luiz S. Oliveira and Heitor Murilo Gomes and Andr{\'e} Gr{\'e}gio", title = "Machine Learning (In) Security: a Stream of Problems", journal = j-DTRAP, volume = "5", number = "1", pages = "9:1--9:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3617897", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3617897", abstract = "Machine Learning (ML) has been widely applied to cybersecurity and is considered state-of-the-art for solving many of the open issues in that field. 
However, it is very difficult to evaluate how good the produced solutions are, since the challenges faced \ldots{}", acknowledgement = ack-nhfb, articleno = "9", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Joshi:2024:LSP, author = "Rucha Bhalchandra Joshi and Subhankar Mishra", title = "Locally and Structurally Private Graph Neural Networks", journal = j-DTRAP, volume = "5", number = "1", pages = "10:1--10:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3624485", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3624485", abstract = "Graph Neural Networks (GNNs) are known to address such tasks over graph-structured data, which is widely used to represent many real-world systems. The collection and analysis of graph data using GNNs raise significant privacy concerns regarding \ldots{}", acknowledgement = ack-nhfb, articleno = "10", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Chen:2024:EEF, author = "Yurong Chen and Yongsheng Mei and Tian Lan and Guru Venkataramani", title = "Exploring Effective Fuzzing Strategies to Analyze Communication Protocols", journal = j-DTRAP, volume = "5", number = "1", pages = "11:1--11:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3526088", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3526088", abstract = "While coverage-based greybox fuzzing has gained great success in the field of vulnerability detection due to its simplicity and efficiency, it could become less powerful when applied directly 
to protocol fuzzing due to the unique challenges of protocol \ldots{}", acknowledgement = ack-nhfb, articleno = "11", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", } @Article{Tsunoda:2024:DSO, author = "Akaki Tsunoda", title = "Demonstrating Spoofability of an Originating Number when Sending an {SMS} using {SMPP}", journal = j-DTRAP, volume = "5", number = "1", pages = "12:1--12:??", month = mar, year = "2024", CODEN = "????", DOI = "https://doi.org/10.1145/3615667", ISSN = "2692-1626 (print), 2576-5337 (electronic)", ISSN-L = "2576-5337", bibdate = "Tue May 28 14:46:27 MDT 2024", bibsource = "https://www.math.utah.edu/pub/tex/bib/dtrap.bib", URL = "https://dl.acm.org/doi/10.1145/3615667", abstract = "The short message service (SMS), a service for exchanging texts via mobile networks, has become a universal means of communication. SMS is a mechanism for sending a text message to a specific mobile phone number. Its protocol enables the sender to specify \ldots{}", acknowledgement = ack-nhfb, articleno = "12", fjournal = "Digital Threats: Research and Practice (DTRAP)", journal-URL = "https://dl.acm.org/loi/dtrap", }