Risks and Security of Internet and Systems

This book constitutes the proceedings of the 15th International Conference on Risks and Security of Internet and Systems, CRiTIS 2020, which took place during November 4-6, 2020. The conference was originally planned to take place in Paris, France, but had to change to an online format due to the COVID-19 pandemic.

The 16 full and 7 short papers included in this volume were carefully reviewed and selected from 44 submissions. In addition, the book contains one invited talk in full paper length.

The papers were organized in topical sections named: vulnerabilities, attacks and intrusion detection; TLS, openness and security control; access control, risk assessment and security knowledge; risk analysis, neural networks and Web protection; infrastructure security and malware detection.

Inhalt

Keynote Talk.- New Dimensions of Information Warfare: The Economic Pillar - Fintech and Cryptocurrencies.- Vulnerabilities, Attacks and Intrusion Detection.- Measuring and Modeling Software Vulnerability Security Advisory Platforms.- Frequency Hopping Spread Spectrum to Counter Relay Attacks in PKESs.- A Deeper Analysis of Adversarial Examples in Intrusion Detection.- TLS, Openness and Security Control.- Implementation Flaws in TLS Stacks: Lessons Learned and Study of TLS 1.3 Benefits.- Security through Transparency and Openness in Computer Design.- An ML Behavior-based Security Control for Smart Home Systems.- Access Control, Risk Assessment and Security Knowledge.- A Posteriori Analysis of Policy Temporal Compliance.- Asset-driven Approach for Security Risk Assessment in IoT Systems.- Heterogeneous security events prioritization using auto-encoders.- Community Knowledge about Security: Identification and Classification of User Contributions.- Risk Analysis, Neural Networks and Web Protection.- Modelling Security Risk Scenarios using Subjective Attack Trees.- Premium Access to Convolutional Neural Networks.- An OWASP Top Ten Driven Survey for Web Application Protection Methods.- Infrastructure Security and Malware Detection.- Autonomous Vehicle Security: Literature Review of Real Attack Experiments.- New Dataset for Industry 4.0 to address the change in threat landscape.- Toward Semantic-Based Android Malware Detection Using Model Checking and Machine Learning.- Short Papers.- Augmented Voting Reality.- Malicious Http Request Detection using Code-Level Convolutional Neural Network.- Enhancement of a business model with a Business Contextual Risk Model.- Secure Data Processing for Industrial Remote Diagnosis and Maintenance.- Towards Attacker Attribution for Risk Analysis.- Modelling and Verification of Safety of Access Control in SCADA Systems.- Security Assessment and Hardening of Autonomous Vehicles.