Malware distributions and graph structure of the Web

Knowledge about the graph structure of the Web is important for understanding this complex socio-technical system and for devising proper policies supporting its future development. Knowledge about the differences between clean and malicious parts of the Web is important for understanding potential treats to its users and for devising protection mechanisms. In this study, we conduct data science methods on a large crawl of surface and deep Web pages with the aim to increase such knowledge. To accomplish this, we answer the following questions. Which theoretical distributions explain important local characteristics and network properties of websites? How are these characteristics and properties different between clean and malicious (malware-affected) websites? What is the prediction power of local characteristics and network properties to classify malware websites? To the best of our knowledge, this is the first large-scale study describing the differences in global properties between malicious and clean parts of the Web. In other words, our work is building on and bridging the gap between \textit{Web science} that tackles large-scale graph representations and \textit{Web cyber security} that is concerned with malicious activities on the Web. The results presented herein can also help antivirus vendors in devising approaches to improve their detection algorithms

XAI-CF -- Examining the Role of Explainable Artificial Intelligence in Cyber Forensics

With the rise of complex cyber devices Cyber Forensics (CF) is facing many new challenges. For example, there are dozens of systems running on smartphones, each with more than millions of downloadable applications. Sifting through this large amount of data and making sense requires new techniques, such as from the field of Artificial Intelligence (AI). To apply these techniques successfully in CF, we need to justify and explain the results to the stakeholders of CF, such as forensic analysts and members of the court, for them to make an informed decision. If we want to apply AI successfully in CF, there is a need to develop trust in AI systems. Some other factors in accepting the use of AI in CF are to make AI authentic, interpretable, understandable, and interactive. This way, AI systems will be more acceptable to the public and ensure alignment with legal standards. An explainable AI (XAI) system can play this role in CF, and we call such a system XAI-CF. XAI-CF is indispensable and is still in its infancy. In this paper, we explore and make a case for the significance and advantages of XAI-CF. We strongly emphasize the need to build a successful and practical XAI-CF system and discuss some of the main requirements and prerequisites of such a system. We present a formal definition of the terms CF and XAI-CF and a comprehensive literature review of previous works that apply and utilize XAI to build and increase trust in CF. We discuss some challenges facing XAI-CF. We also provide some concrete solutions to these challenges. We identify key insights and future research directions for building XAI applications for CF. This paper is an effort to explore and familiarize the readers with the role of XAI applications in CF, and we believe that our work provides a promising basis for future researchers interested in XAI-CF

Cyber Law and Espionage Law as Communicating Vessels

Professor Lubin\u27s contribution is Cyber Law and Espionage Law as Communicating Vessels, pp. 203-225. Existing legal literature would have us assume that espionage operations and “below-the-threshold” cyber operations are doctrinally distinct. Whereas one is subject to the scant, amorphous, and under-developed legal framework of espionage law, the other is subject to an emerging, ever-evolving body of legal rules, known cumulatively as cyber law. This dichotomy, however, is erroneous and misleading. In practice, espionage and cyber law function as communicating vessels, and so are better conceived as two elements of a complex system, Information Warfare (IW). This paper therefore first draws attention to the similarities between the practices – the fact that the actors, technologies, and targets are interchangeable, as are the knee-jerk legal reactions of the international community. In light of the convergence between peacetime Low-Intensity Cyber Operations (LICOs) and peacetime Espionage Operations (EOs) the two should be subjected to a single regulatory framework, one which recognizes the role intelligence plays in our public world order and which adopts a contextual and consequential method of inquiry. The paper proceeds in the following order: Part 2 provides a descriptive account of the unique symbiotic relationship between espionage and cyber law, and further explains the reasons for this dynamic. Part 3 places the discussion surrounding this relationship within the broader discourse on IW, making the claim that the convergence between EOs and LICOs, as described in Part 2, could further be explained by an even larger convergence across all the various elements of the informational environment. Parts 2 and 3 then serve as the backdrop for Part 4, which details the attempt of the drafters of the Tallinn Manual 2.0 to compartmentalize espionage law and cyber law, and the deficits of their approach. The paper concludes by proposing an alternative holistic understanding of espionage law, grounded in general principles of law, which is more practically transferable to the cyber realmhttps://www.repository.law.indiana.edu/facbooks/1220/thumbnail.jp

Prévention des attaques par logiciels malveillants: perspectives de la santé publique

L’augmentation de la connectivité et du développement des infrastructures numériques a contribué à multiplier les motivations et les opportunités des attaques informatiques. Bien que plusieurs progrès aient été réalisés au niveau du développement et de l’implémentation de stratégies de protection, la majorité de ces efforts sont dédiés au développement de nouvelles solutions, et non à leur évaluation et leur promotion. Il devient dès lors essentiel pour les gouvernements, les entreprises, et les individus de définir des modèles et des moyens de coopération permettant d’identifier et d’évaluer les stratégies visant à réduire le risque que posent les menaces informatiques. À cet effet, le domaine de la sécurité des systèmes d’information pourrait bénéficier des leçons apprises et des méthodes utilisées dans le domaine de la santé. En particulier, nous croyons que l’adoption d’une perspective axée sur l’approche de la santé publique permettrait de founir un cadre global pour i) identifier les facteurs qui affectent la sécurité des systèmes d’information et en comprendre les causes sous-jacentes, ii) développer et évaluer des stratégies efficaces visant à améliorer la sécurité des systèmes d’information, et iii) implémenter et disséminer auprès de la population les stratégies développées. Dans le cadre de la présente thèse, nous proposons de nous inspirer des méthodes en santé publique pour développer un modèle de prévention applicable au contexte des attaques par logiciels malveillants. Notamment, nous appliquons notre modèle de prévention afin d’identifier les causes et les corrélats reliés aux attaques par logiciels malveillants, et d’évaluer l’efficacité réelle des solutions antivirus à prévenir ces attaques. À partir de données réelles d’attaques par logiciels malveillants, nous avons réalisé cinq études empiriques ; trois visant à identifier des facteurs de risque et des facteurs de protection, et deux visant à évaluer l’efficacité des antivirus dans un environnement réel. Les résultats de nos travaux de recherche ont, entre autres, permis : i) d’identifier de nouveaux facteurs de risque et de protection reliés aux attaques par logiciels malveillants, ii) d’identifier des sous-populations à risque plus élevé, et iii) de mettre en évidence comment l’effet des facteurs identifiés et des solutions antivirus varie selon le contexte (type de menace, environnement, usager, etc.). Qui plus est, la présente thèse a permis de valider la viabilité et le potentiel d’une approche basée sur la santé publique en sécurité des systèmes d’information.----------ABSTRACT: The increased connectivity and development of digital infrastructures has yielded to increased motivation and opportunities for computer threats. Although there has been some progress in the development and implementation of protection strategies, the majority of these efforts are dedicated to the development of new solutions, and not to their evaluation and promotion. It is therefore essential for governments, businesses, and individuals to develop models and means of cooperation in order to identify and evaluate effective strategies aimed at reducing the risk posed by computer threats. To this end, the field of information security could benefit from lessons learned and methods used in health. In particular, we believe that adopting a public health perspective could provide a comprehensive framework for i) identifying and understanding the factors that affect the information systems security and understand their underlying causes, ii) develop and evaluate effective strategies to improve the security of information systems, and iii) implement and disseminate the strategies developed to the population. In this thesis, we propose to use public health methods to develop a prevention model for the context of malware attacks. In particular, we apply our prevention model to identify the causes and correlates of malware attacks, and evaluate the effectiveness of antivirus solutions in preventing computer threats. Using real-world malware attacks data, we conducted five empirical studies ; three to identify risk factors and protective factors, and two to assess the effectiveness of antivirus in a real-world environment. The results of our research allowed us, among others, to : i) identify new risk and protective factors related to malware attacks, ii) identify high-risk sub-populations, and iii) highlight how the effect of the identified factors and antivirus solutions vary by context (type of threat, environment, user, etc.). In addition, this thesis validated the viability and potential of a public health approach to information security

Archibald Reiss Days : Thematic conference proceedings of international significance : International Scientific Conference, Belgrade, 7-9 November 2017

In front of you is the Thematic Collection of Papers presented at the International Scientific Conference “Archibald Reiss Days”, which was organized by the Academy of Criminalistic and Police Studies in Belgrade, in cooperation with the Ministry of Interior and the Ministry of Education, Science and Technological Development of the Republic of Serbia, School of Criminal Justice, Michigan State University in USA, School of Criminal Justice University of Laussane in Switzerland, National Police Academy in Spain, Police Academy Szczytno in Poland, National Police University of China, Lviv State University of Internal Affairs, Volgograd Academy of the Russian Internal Affairs Ministry, Faculty of Security in Skopje, Faculty of Criminal Justice and Security in Ljubljana, Police Academy “Alexandru Ioan Cuza“ in Bucharest, Academy of Police Force in Bratislava, Faculty of Security Science University of Banja Luka, Faculty for Criminal Justice, Criminology and Security Studies University of Sarajevo, Faculty of Law in Montenegro, Police Academy in Montenegro and held at the Academy of Criminalistic and Police Studies, on 7, 8 and 9 November 2017.The International Scientific Conference “Archibald Reiss Days” is organized for the seventh time in a row, in memory of the founder and director of the first modern higher police school in Serbia, Rodolphe Archibald Reiss, after whom the Conference was named. The Thematic Collection of Papers contains 131 papers written by eminent scholars in the field of law, security, criminalistics, police studies, forensics, informatics, as well as by members of national security system participating in education of the police, army and other security services from Belarus, Bosnia and Herzegovina, Bulgaria, Bangladesh, Abu Dhabi, Greece, Hungary, Macedonia, Romania, Russian Federation, Serbia, Slovakia, Slovenia, Czech Republic, Switzerland, Turkey, Ukraine, Italy, Australia and United Kingdom. Each paper has been double-blind peer reviewed by two reviewers, international experts competent for the field to which the paper is related, and the Thematic Conference Proceedings in whole has been reviewed by five competent international reviewers.The papers published in the Thematic Collection of Papers provide us with the analysis of the criminalistic and criminal justice aspects in solving and proving of criminal offences, police organization, contemporary security studies, social, economic and political flows of crime, forensic linguistics, cybercrime, and forensic engineering. The Collection of Papers represents a significant contribution to the existing fund of scientific and expert knowledge in the field of criminalistic, security, penal and legal theory and practice. Publication of this Collection contributes to improving of mutual cooperation between educational, scientific and expert institutions at national, regional and international level

Electronic Voting: 6th International Joint Conference, E-Vote-ID 2021, Virtual Event, October 5–8, 2021: proceedings

This volume contains the papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5–8, 2021. Due to the extraordinary situation brought about by the COVID-19, the conference was held online for the second consecutive edition, instead of in the traditional venue in Bregenz, Austria. The E-Vote-ID conference is the result of the merger of the EVOTE and Vote-ID conferences, with first EVOTE conference taking place 17 years ago in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD students. The conference focuses on the most relevant debates on the development of electronic voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social, or political aspects, amongst others, and has turned out to be an important global referent in relation to this issue

Sixth International Joint Conference on Electronic Voting E-Vote-ID 2021. 5-8 October 2021

This volume contains papers presented at E-Vote-ID 2021, the Sixth International Joint Conference on Electronic Voting, held during October 5-8, 2021. Due to the extraordinary situation provoked by Covid-19 Pandemic, the conference is held online for second consecutive edition, instead of in the traditional venue in Bregenz, Austria. E-Vote-ID Conference resulted from the merging of EVOTE and Vote-ID and counting up to 17 years since the _rst E-Vote conference in Austria. Since that conference in 2004, over 1000 experts have attended the venue, including scholars, practitioners, authorities, electoral managers, vendors, and PhD Students. The conference collected the most relevant debates on the development of Electronic Voting, from aspects relating to security and usability through to practical experiences and applications of voting systems, also including legal, social or political aspects, amongst others; turning out to be an important global referent in relation to this issue. Also, this year, the conference consisted of: · Security, Usability and Technical Issues Track · Administrative, Legal, Political and Social Issues Track · Election and Practical Experiences Track · PhD Colloquium, Poster and Demo Session on the day before the conference E-VOTE-ID 2021 received 49 submissions, being, each of them, reviewed by 3 to 5 program committee members, using a double blind review process. As a result, 27 papers were accepted for its presentation in the conference. The selected papers cover a wide range of topics connected with electronic voting, including experiences and revisions of the real uses of E-voting systems and corresponding processes in elections. We would also like to thank the German Informatics Society (Gesellschaft für Informatik) with its ECOM working group and KASTEL for their partnership over many years. Further we would like to thank the Swiss Federal Chancellery and the Regional Government of Vorarlberg for their kind support. EVote- ID 2021 conference is kindly supported through European Union's Horizon 2020 projects ECEPS (grant agreement 857622) and mGov4EU (grant agreement 959072). Special thanks go to the members of the international program committee for their hard work in reviewing, discussing, and shepherding papers. They ensured the high quality of these proceedings with their knowledge and experience