Computer Security

1. Front Matter

   Pages i-xxiii

   PDF

2. CyberICPS Workshop

   1. Front Matter

      Pages 1-1

      PDF

   2. Anomaly Detection for Industrial Control Systems Using Sequence-to-Sequence Neural Networks

      • Jonguk Kim, Jeong-Han Yun, Hyoung Chun Kim

      Pages 3-18

   3. Reflective Attenuation of Cyber-Physical Attacks

      • Mariana Segovia, Ana Rosa Cavalli, Nora Cuppens, Jose Rubio-Hernan, Joaquin Garcia-Alfaro

      Pages 19-34

   4. Distributed UCON in CoAP and MQTT Protocols

      • Athanasios Rizos, Daniel Bastos, Andrea Saracino, Fabio Martinelli

      Pages 35-52

   5. Towards the Creation of a Threat Intelligence Framework for Maritime Infrastructures

      • Nikolaos Pitropakis, Marios Logothetis, Gennady Andrienko, Jason Stefanatos, Eirini Karapistoli, Costas Lambrinoudakis

      Pages 53-68

   6. Connect and Protect: Requirements for Maritime Autonomous Surface Ship in Urban Passenger Transportation

      • Ahmed Amro, Vasileios Gkioulos, Sokratis Katsikas

      Pages 69-85

   7. Simulation-Based Evaluation of DDoS Against Smart Grid SCADAs

      • Damjan Gogic, Bojan Jelacic, Imre Lendak

      Pages 86-97

   8. Identifying Safety and Human Factors Issues in Rail Using IRIS and CAIRIS

      • Amna Altaf, Shamal Faily, Huseyin Dogan, Alexios Mylonas, Eylem Thron

      Pages 98-107

3. SECPRE Workshop

   1. Front Matter

      Pages 109-109

      PDF

   2. How Not to Use a Privacy-Preserving Computation Platform: Case Study of a Voting Application

      • Jan Willemson

      Pages 111-121

   3. A Proposed Privacy Impact Assessment Method Using Metrics Based on Organizational Characteristics

      • Eleni-Laskarina Makri, Zafeiroula Georgiopoulou, Costas Lambrinoudakis

      Pages 122-139

   4. A Conceptual Redesign of a Modelling Language for Cyber Resiliency of Healthcare Systems

      • Myrsini Athinaiou, Haralambos Mouratidis, Theo Fotis, Michalis Pavlidis

      Pages 140-158

   5. Shaping Digital Identities in Social Networks: Data Elements and the Role of Privacy Concerns

      • Thanos Papaioannou, Aggeliki Tsohou, Maria Karyda

      Pages 159-180

   6. GDPR Compliance: Proposed Technical and Organizational Measures for Cloud Providers

      • Zafeiroula Georgiopoulou, Eleni-Laskarina Makri, Costas Lambrinoudakis

      Pages 181-194

   7. On the Applicability of Security and Privacy Threat Modeling for Blockchain Applications

      • Dimitri Van Landuyt, Laurens Sion, Emiel Vandeloo, Wouter Joosen

      Pages 195-203

   8. Privacy, Security, Legal and Technology Acceptance Requirements for a GDPR Compliance Platform

      • Aggeliki Tsohou, Manos Magkos, Haralambos Mouratidis, George Chrysoloras, Luca Piras, Michalis Pavlidis et al.

      Pages 204-223

   9. Uncertainty-Aware Authentication Model for IoT

      • Mohammad Heydari, Alexios Mylonas, Vasilis Katos, Emili Balaguer-Ballester, Amna Altaf, Vahid Heydari Fami Tafreshi

      Pages 224-237

   10. From ISO/IEC 27002:2013 Information Security Controls to Personal Data Protection Controls: Guidelines for GDPR Compliance

       • Vasiliki Diamantopoulou, Aggeliki Tsohou, Maria Karyda

       Pages 238-257

4. SPOSE Workshop

   1. Front Matter

      Pages 259-259

      PDF

This book constitutes the refereed post-conference proceedings of the 5th International Workshop on Security of Industrial Control Systems and Cyber-Physical Systems, CyberICPS 2019, the Third International Workshop on Security and Privacy Requirements Engineering, SECPRE 2019, the First International Workshop on Security, Privacy, Organizations, and Systems Engineering, SPOSE 2019, and the Second International Workshop on Attacks and Defenses for Internet-of-Things, ADIoT 2019, held in Luxembourg City, Luxembourg, in September 2019, in conjunction with the 24th European Symposium on Research in Computer Security, ESORICS 2019.

The CyberICPS Workshop received 13 submissions from which 5 full papers and 2 short papers were selected for presentation. They cover topics related to threats, vulnerabilities and risks that cyber-physical systems and industrial control systems face; cyber attacks that may be launched against such systems; and ways of detecting and responding to such attacks.
From the SECPRE Workshop 9 full papers out of 14 submissions are included. The selected papers deal with aspects of security and privacy requirements assurance and evaluation; and security requirements elicitation and modelling and to GDPR compliance.
The SPOSE Workshop received 7 submissions from which 3 full papers and 1 demo paper were accepted for publication. They demonstrate the possible spectrum for fruitful research at the intersection of security, privacy, organizational science, and systems engineering.
From the ADIoT Workshop 5 full papers and 2 short papers out of 16 submissions are included. The papers focus on IoT attacks and defenses and discuss either practical or theoretical solutions to identify IoT vulnerabilities and IoT security mechanisms.

 

• cyber physical systems
• cyber security
• industrial control systems
• industrial Internet of Things (IIoT)
• security governance
• system security
• network security
• incident response
• incident response
• digital forensics
• requirements engineering
• security requirements engineering
• privacy requirements engineering
• security and privacy by design
• requirements verification and modelling
• social aspects of security and privacy
• social and behavioral sciences
• collaborative and social computing
• vulnerability analysis
• intrusion detection

• Open University of Cyprus, Latsia, Cyprus

  Sokratis Katsikas

• IMT Atlantique, Brest, France

  Frédéric Cuppens, Nora Cuppens

• University of Piraeus, Piraeus, Greece

  Costas Lambrinoudakis, Stefanos Gritzalis

• University of the Aegean, Mytilene, Greece

  Christos Kalloniatis

• University of Toronto, Toronto, Canada

  John Mylopoulos

• Georgia Institute of Technology, Atlanta, USA

  Annie Antón

• Technical University of Berlin, Berlin, Germany

  Frank Pallas

• Alexander von Humboldt Institute for Internet and Society, Berlin, Germany

  Jörg Pohle

• Ruhr University Bochum, Bochum, Germany

  Angela Sasse

• Technical University of Denmark, Kongens Lyngby, Denmark

  Weizhi Meng

• University of Plymouth, Plymouth, UK

  Steven Furnell

• Télécom SudParis, Evry, France

  Joaquin Garcia-Alfaro

Policies and ethics