Resilience and Vulnerability in Cybersecurity

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (30 June 2023) | Viewed by 1672

Special Issue Editor

Special Issue Information

Dear Colleagues,

Resilience in Cybersecurity addresses the need of improving the ability of organizations to withstand and recover from disruptive events. Resilience is also characterized by the ability to plan, absorb, recover from, and adapt to cyber threats. Many such threats exploit technical systems’ vulnerabilities to carry out the malicious events, e.g., vulnerabilities of system’s procedure, design, implementation, or internal controls. As the intensity and complexity of cyber attacks increase, designing, implementing, and configuring secure software and hardware systems are no longer optional.

This Special Issue on Resilience and Vulnerability in Cybersecurity focuses on submissions describing technical work advancing cybersecurity resilience and vulnerability. Special interest is given to threats and vulnerabilities associated with applications, systems, and networks; new techniques for scanning for technical vulnerabilities; performing continuous security event monitoring; acting on threat intelligence; protecting information against targeted cyber attacks; security event logging and management; using new technologies such as programmable data planes and programmable network interface cards to speed up threat detection and mitigation; improving applications, systems, and networks’ ability to withstand and recover from disruptive events; recovery of applications, systems, and networks from cyber attacks to an effective operational posture; designing applications, systems, and networks that reduce attack surface areas; and defending applications, systems, and networks against threats by active monitoring for adversarial penetration and execution of counterattacks.

Prof. Dr. Jorge Crichigno
Guest Editor

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (1 paper)

Order results
Result details
Select all
Export citation of selected articles as:

Research

30 pages, 1342 KiB  
Article
Fast Format-Aware Fuzzing for Structured Input Applications
by Zehan Chen, Yuliang Lu, Kailong Zhu, Lu Yu and Jiazhen Zhao
Appl. Sci. 2022, 12(18), 9350; https://0-doi-org.brum.beds.ac.uk/10.3390/app12189350 - 18 Sep 2022
Cited by 1 | Viewed by 1301
Abstract
Fuzzing is one of the most successful software testing techniques used to discover vulnerabilities in programs. Without seeds that fit the input format, existing runtime dependency recognition strategies are limited by incompleteness and high overhead. In this paper, for structured input applications, we [...] Read more.
Fuzzing is one of the most successful software testing techniques used to discover vulnerabilities in programs. Without seeds that fit the input format, existing runtime dependency recognition strategies are limited by incompleteness and high overhead. In this paper, for structured input applications, we propose a fast format-aware fuzzing approach to recognize dependencies from the specified input to the corresponding comparison instruction. We divided the dependencies into Input-to-State (I2S) and indirect dependencies. Our approach has the following advantages compared to existing works: (1) recognizing I2S dependencies more completely and swiftly using the input based on the de Bruijn sequence and its mapping structure; (2) obtaining indirect dependencies with a light dependency existence analysis on the input fragments. We implemented a fast format-aware fuzzing prototype, FFAFuzz, based on our method and evaluated FFAFuzz in real-world structured input applications. The evaluation results showed that FFAFuzz reduced the average time overhead by 76.49% while identifying more completely compared with Redqueen and by 89.10% compared with WEIZZ. FFAFuzz also achieved higher code coverage by 14.53% on average compared to WEIZZ. Full article
(This article belongs to the Special Issue Resilience and Vulnerability in Cybersecurity)
Show Figures

Figure 1

Back to TopTop