A Survey and Evaluation of Android-Based Malware Evasion Techniques and Detection Frameworks

Android platform security is an active area of research where malware detection techniques continuously evolve to identify novel malware and improve the timely and accurate detection of existing malware. Adversaries are constantly in charge of employing innovative techniques to avoid or prolong malware detection effectively. Past studies have shown that malware detection systems are susceptible to evasion attacks where adversaries can successfully bypass the existing security defenses and deliver the malware to the target system without being detected. The evolution of escape-resistant systems is an open research problem. This paper presents a detailed taxonomy and evaluation of Android-based malware evasion techniques deployed to circumvent malware detection. The study characterizes such evasion techniques into two broad categories, polymorphism and metamorphism, and analyses techniques used for stealth malware detection based on the malware’s unique characteristics. Furthermore, the article also presents a qualitative and systematic comparison of evasion detection frameworks and their detection methodologies for Android-based malware. Finally, the survey discusses open-ended questions and potential future directions for continued research in mobile malware detection

Identity-as-a-Service: An Adaptive Security Infrastructure and Privacy-Preserving User Identity for the Cloud Environment

In recent years, enterprise applications have begun to migrate from a local hosting to a cloud provider and may have established a business-to-business relationship with each other manually. Adaptation of existing applications requires substantial implementation changes in individual architectural components. On the other hand, users may store their Personal Identifiable Information (PII) in the cloud environment so that cloud services may access and use it on demand. Even if cloud services specify their privacy policies, we cannot guarantee that they follow their policies and will not (accidentally) transfer PII to another party. In this paper, we present Identity-as-a-Service (IDaaS) as a trusted Identity and Access Management with two requirements: Firstly, IDaaS adapts trust between cloud services on demand. We move the trust relationship and identity propagation out of the application implementation and model them as a security topology. When the business comes up with a new e-commerce scenario, IDaaS uses the security topology to adapt a platform-specific security infrastructure for the given business scenario at runtime. Secondly, we protect the confidentiality of PII in federated security domains. We propose our Purpose-based Encryption to protect the disclosure of PII from intermediary entities in a business transaction and from untrusted hosts. Our solution is compliant with the General Data Protection Regulation and involves the least user interaction to prevent identity theft via the human link. The implementation can be easily adapted to existing Identity Management systems, and the performance is fast.</jats:p

CoRiMaS—An Ontological Approach to Cooperative Risk Management in Seaports

For today’s global value chains, seaports and their operations are indispensable components. In many cases, the cargo handling takes place in close proximity to residential and/or environmentally sensitive areas. Furthermore, seaports are often not operated by a single organization, but need to be considered as communities of sometimes hundreds of internal and external stakeholders. Due to their close cooperation in the cargo handling process, risk management should be a common approach among the internal stakeholders as well in order to effectively mitigate and respond to emerging risks. However, empirical research has revealed that risk management is often limited to the organization itself, which indicates a clear lack of cooperation. Primary reasons in this regard are missing knowledge about the relations and responsibilities within the port and differing terminologies. Therefore, we propose an ontology (CoRiMaS) that implements a developed reference model for risk management that explicitly aims at seaports with a cooperative approach to risk management. CoRiMaS has been designed looking at the Semantic Web and at the Linked Data model to provide a common interoperable vocabulary in the target domain. The key concepts of our ontology comprise the hazard, stakeholder, seaport, cooperation aspect, and risk management process. We validated our ontology by applying it in a case study format to the Port of Hamburg (Germany). The CoRiMaS ontology can be widely applied to foster cooperation within and among seaports. We believe that such an ontological approach has the potential to improve current risk management practices and, thereby, to increase the resilience of operations, as well as the protection of sensitive surrounding areas.</jats:p

Respite for SMEs: a systematic review of socio-technical cybersecurity metrics

Featured Application The results of this work will be incorporated in an application for SMEs in Europe, which aims to improve cybersecurity awareness and resilience, as part of the EU Horizon 2020 GEIGER project. Cybersecurity threats are on the rise, and small- and medium-sized enterprises (SMEs) struggle to cope with these developments. To combat threats, SMEs must first be willing and able to assess their cybersecurity posture. Cybersecurity risk assessment, generally performed with the help of metrics, provides the basis for an adequate defense. Significant challenges remain, however, especially in the complex socio-technical setting of SMEs. Seemingly basic questions, such as how to aggregate metrics and ensure solution adaptability, are still open to debate. Aggregation and adaptability are vital topics to SMEs, as they require the assimilation of metrics into an actionable advice adapted to their situation and needs. To address these issues, we systematically review socio-technical cybersecurity metric research in this paper. We analyse aggregation and adaptability considerations and investigate how current findings apply to the SME situation. To ensure that we provide valuable insights to researchers and practitioners, we integrate our results in a novel socio-technical cybersecurity framework geared towards the needs of SMEs. Our framework allowed us to determine a glaring need for intuitive, threat-based cybersecurity risk assessment approaches for the least digitally mature SMEs. In the future, we hope our framework will help to offer SMEs some deserved respite by guiding the design of suitable cybersecurity assessment solutions.Prevention, Population and Disease management (PrePoD)Public Health and primary car

Versification and Authorship Attribution

The technique known as contemporary stylometry uses different methods, including machine learning, to discover a poem’s author based on features like the frequencies of words and character n-grams. However, there is one potential textual fingerprint stylometry tends to ignore: versification, or the very making of language into verse. Using poetic texts in three different languages (Czech, German, and Spanish), Petr Plecháč asks whether versification features like rhythm patterns and types of rhyme can help determine authorship. He then tests its findings on two unsolved literary mysteries. In the first, Plecháč distinguishes the parts of the Elizabethan verse play The Two Noble Kinsmen written by William Shakespeare from those written by his coauthor, John Fletcher. In the second, he seeks to solve a case of suspected forgery: how authentic was a group of poems first published as the work of the nineteenth-century Russian author Gavriil Stepanovich Batenkov? This book of poetic investigation should appeal to literary sleuths the world over.illustrato

Seventh International Joint Conference on Electronic Voting

This volume contains papers presented at E-Vote-ID 2022, the Seventh International JointConference on Electronic Voting, held during October 4–7, 2022. This was the first in-personconference following the COVID-19 pandemic, and, as such, it was a very special event forthe community since we returned to the traditional venue in Bregenz, Austria. The E-Vote-IDconference resulted from merging EVOTE and Vote-ID, and 18 years have now elapsed sincethe first EVOTE conference in Austria.Since that conference in 2004, over 1500 experts have attended the venue, including scholars,practitioners, authorities, electoral managers, vendors, and PhD students. E-Vote-ID collectsthe most relevant debates on the development of electronic voting, from aspects relating tosecurity and usability through to practical experiences and applications of voting systems, alsoincluding legal, social, or political aspects, amongst others, turning out to be an importantglobal referent on these issues

Scenario analysis report with policy recommendations: An assessment of sustainability, resilience, efficiency and fairness and effective chain relationships in VALUMICS case studies : Deliverable 8.4

This is an open access article distributed under the Creative Commons Attribution License, to view a copy of the license, see: https://creativecommons.org/licenses/by/4.0/. The final version of this report is available at https://doi.org/10.5281/zenodo.6534011The functioning of food value chains entails a complex organisation from farm to fork which is characterised by various governance forms and externalities which have shaped the overall food system. VALUMICS food value chain case studies: wheat to bread, dairy cows to milk, beef cattle to steak, farmed salmon to fillets and tomato to processed tomato were selected to enable explorative and empirical analysis to better understand the functioning of the food system and, to identify the main challenges that need to be addressed to improve sustainability, integrity, resilience, and fairness of European food chains. The VALUMICS system analysis was executed through four operational phases starting with Groundwork & analysis including mapping specific attributes and impacts of food value chains and their externalities. This was followed by Case study baseline analysis, which provided input to the third phase on Modelling and exploration of future scenarios and finally Policy and synthesis of the overall work. This report is an overall synthesis of the VALUMICS results as follows: • Key findings from the VALUMICS project on the functioning of European food value chains and their impacts on more sustainable, resilient, fairer, and transparent food system are summarised through a compilation of 25 Research Findings and Policy Briefs. • By highlighting the major contributions from the research activities throughout the four phases of the VALUMICS project, this report delivers an assessment of various factors influencing sustainability, resilience, efficiency and fairness and effective chain relationships of different food value chains, and their determinants. • The synthesis of the outcome allows the identification of opportunities and challenges characterising the functioning of food supply chains, and thus, the prospects and potentials for strengthening the EU food sector

Green Economy and Sustainable Development

Considering the importance of the challenges for sustainable development, this Book is intended to disseminate the results of cutting-edge research and broadcast the opinions of scientists from around the world, providing technological breakthroughs in green energy and urbanism, recycling and modernization of basic industries, conducting fundamental research on the economic problems of the transition to sustainable development