Search for Articles:
Title / Keyword
Author / Affiliation / Email
Journal
Article Type
 
 
Advanced Search
 
Section
Special Issue
Volume
Issue
Number
Page
 
4.5
2.7
Journals
Applied Sciences
Special Issues
Security and Privacy for Software and Network
share announcement

Security and Privacy for Software and Network

A special issue of Applied Sciences (ISSN 2076-3417). This special issue belongs to the section "Computing and Artificial Intelligence".

Deadline for manuscript submissions: closed (31 October 2021) | Viewed by 6349

Special Issue Editors

Prof. Dohoon Kim

E-Mail Website
Guest Editor
Department of Computer Science, Kyonggi University, Yongin 449-701, Gyeonggi-do, Korea
Interests: malware & botnet analysis; insider threat; cyber deception; blockchain security; military security of RoK army
Special Issues, Collections and Topics in MDPI journals
Prof. Youn Kyu Lee

E-Mail Website
Guest Editor
Department of Information Security, Seoul Women's University, Nowon-gu, Seoul 139-774, Korea
Interests: software security; artificial intelligence; machine learning;software architecture and software engineering
Special Issues, Collections and Topics in MDPI journals

Special Issue Information

Dear Colleagues,

Security and privacy for software and networks is one of the most important factors in the private/public/defense domain. A shift in user awareness is required, especially with the development of information protection technologies that are critical to dealing with sensitive information in an organization. This means that various information security issues have emerged in recent years due to the development of technologies in software and networks. Similarly, as the demand for ICT services increases, the importance of security, privacy, and risk is always growing. Moreover, we should seriously consider various information security issues, such as system security, network security, software security, device security, physical security, and communication security. Additionally, we need more robust step-by-step countermeasures against these traditional security and privacy concerns.

Therefore, we solicit previously unpublished or modified papers offering meaningful research contributions on any aspect of security or privacy. Your papers may present advances in the theory, design, implementation or analysis of the attack, defense, protection, response and vulnerability, verification, or empirical evaluation and measurement, of secure systems.

Topics include but are not limited to the following:

  • Access control, authorization and authentication;
  • Application, network, system, web, software, hardware, IoT and cloud security;
  • Attacks and defenses;
  • Intrusion detection and prevention
  • Privacy technologies and mechanisms;
  • Digital, network, malware, system forensics;
  • Secure information flow;
  • Security and privacy for the Internet of Things;
  • Security and privacy metrics;
  • Security and privacy policies;
  • Security architectures;
  • Moving target defense;
  • Cyber deception and decoy techniques;
  • Malware and unwanted software;
  • Machine learning and AI security;
  • Protocol security;
  • Economics of security and privacy;
  • Blockchains and distributed ledger security;
  • Cyber physical systems and critical infrastructure security for the private/public/military domain;
  • Risk modeling, business process modeling, and analytics for the private/public/military domain.

Prof. Dohoon Kim
Prof. Youn Kyu Lee
Guest Editors

Manuscript Submission Information

Manuscripts should be submitted online at www.mdpi.com by registering and logging in to this website. Once you are registered, click here to go to the submission form. Manuscripts can be submitted until the deadline. All submissions that pass pre-check are peer-reviewed. Accepted papers will be published continuously in the journal (as soon as accepted) and will be listed together on the special issue website. Research articles, review articles as well as short communications are invited. For planned papers, a title and short abstract (about 100 words) can be sent to the Editorial Office for announcement on this website.

Submitted manuscripts should not have been published previously, nor be under consideration for publication elsewhere (except conference proceedings papers). All manuscripts are thoroughly refereed through a single-blind peer-review process. A guide for authors and other relevant information for submission of manuscripts is available on the Instructions for Authors page. Applied Sciences is an international peer-reviewed open access semimonthly journal published by MDPI.

Please visit the Instructions for Authors page before submitting a manuscript. The Article Processing Charge (APC) for publication in this open access journal is 2400 CHF (Swiss Francs). Submitted papers should be well formatted and use good English. Authors may use MDPI's English editing service prior to publication or during author revisions.

Published Papers (3 papers)

Download All Papers
Order results
Result details
Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:

Research

18 pages, 3055 KiB  
Article
mPrivacy: A Privacy Policy Engine and Safeguard Mechanism in Mobile Devices
by Zhong Zhang and Minho Shin
Appl. Sci. 2021, 11(24), 11629; https://0-doi-org.brum.beds.ac.uk/10.3390/app112411629 - 08 Dec 2021
Viewed by 1012
Abstract
Within the scope of mobile privacy, there are many attack methods that can leak users’ private information. The communication between applications can be used to violate permissions and access private information without asking for the user’s authorization. Hence, many researchers made protection mechanisms [...] Read more.
Within the scope of mobile privacy, there are many attack methods that can leak users’ private information. The communication between applications can be used to violate permissions and access private information without asking for the user’s authorization. Hence, many researchers made protection mechanisms against privilege escalation. However, attackers can further utilize inference algorithms to derive new information out of available data or improve the information quality without violating privilege limits. In this work. we describe the notion of Information Escalation Attack and propose a detection and protection mechanism using Inference Graph and Policy Engine for the user to control their policy on the App’s privilege in information escalation. Our implementation results show that the proposed privacy protection service is feasible and provides good useability. Full article
(This article belongs to the Special Issue Security and Privacy for Software and Network)
Show Figures

Figure 1

19 pages, 2657 KiB  
Article
The Optimization Analysis for the Original and Manipulation Identification of Illegally Filmed Images
by Soohyeon Choi and Dohoon Kim
Appl. Sci. 2021, 11(11), 5220; https://0-doi-org.brum.beds.ac.uk/10.3390/app11115220 - 04 Jun 2021
Cited by 1 | Viewed by 1802
Abstract
Illegally filmed images, the sharing of non-consensually filmed images over social media, and the secret recording and distribution of celebrity images are increasing. To catch distributors of illegally filmed images, many investigation techniques based on an analysis of the file attribute information of [...] Read more.
Illegally filmed images, the sharing of non-consensually filmed images over social media, and the secret recording and distribution of celebrity images are increasing. To catch distributors of illegally filmed images, many investigation techniques based on an analysis of the file attribute information of the original images have been introduced. As forensic science advances, various types of anti-forensic technologies are being produced, requiring investigators to open and analyze all videos from the suspect’s storage devices, raising the question of the invasion of privacy during the investigation. The suspect can even file a lawsuit, which makes issuing a warrant and conducting an investigation difficult. Thus, it is necessary to detect the original and manipulated images without needing to directly go through multiple videos. We propose an optimization analysis and detection method for extracting original and manipulated images from seized devices of suspects. In addition, to increase the detection rate of both original and manipulated images, we suggest a precise measurement approach for comparative thresholds. Thus, the proposed method is a new digital forensic methodology for comparing and identifying original and manipulated images accurately without the need for opening videos individually in a suspect’s mobile device. Full article
(This article belongs to the Special Issue Security and Privacy for Software and Network)
Show Figures

Figure 1

34 pages, 3931 KiB  
Article
OSINT-Based LPC-MTD and HS-Decoy for Organizational Defensive Deception
by Sang Seo and Dohoon Kim
Appl. Sci. 2021, 11(8), 3402; https://0-doi-org.brum.beds.ac.uk/10.3390/app11083402 - 10 Apr 2021
Cited by 4 | Viewed by 2755
Abstract
This study aimed to alleviate the theoretical limitations of existing moving target defense (MTD) and decoy concepts and improve the efficiency of defensive deception technology within an organization. We present the concept of an open-source intelligence (OSINT)-based hierarchical social engineering decoy (HS-Decoy) strategy [...] Read more.
This study aimed to alleviate the theoretical limitations of existing moving target defense (MTD) and decoy concepts and improve the efficiency of defensive deception technology within an organization. We present the concept of an open-source intelligence (OSINT)-based hierarchical social engineering decoy (HS-Decoy) strategy while considering the actual fingerprint of each organization. In addition, we propose a loosely proactive control-based MTD strategy that is based on the intended competitive exposure of OSINT between defenders and attackers. Existing MTDs and decoys are biased toward proactive prevention, in that they only perform structural mutation-based attack avoidance or induce static traps. They also have practical limitations, e.g., they do not consider security characterization of each organizational social engineering attack and related utilization plans, no quantitative deception modeling is performed for the attenuation of the attack surface through exposure to OSINT, and there is no operational plan for optimal MTD and decoy application within the organization. Through the applied deception concepts proposed here, the total attack efficiency was reduced by 287% compared to the existing MTD and decoys, while the artificial deception efficiency dominated by defenders was improved by 382%. In addition, the increase rate of deception overhead was also reduced by 174%, and an optimized deceptive trade-off was also presented. In order to enable an organization to utilize the OSINT concept, statistical error reduction, and MTD mutation cycle-based deceptive selectivity, it was introduced as a loose adaptive mutation rather than a preferential avoidance strategy, and an organization-specific optimization direction was introduced through a combination of HS-Decoy and LPC-MTD. In the future, in order to improve the operational reliability of the HS-Decoy and LPC-MTD-based combined model and standardize threat information for each organization, we intend to advance it into an international standard-based complex architecture and characterize it as game theory. Full article
(This article belongs to the Special Issue Security and Privacy for Software and Network)
Show Figures

Figure 1

Show export options expand_more Show export options expand_less
Select all
Export citation of selected articles as:
 
Displaying articles 1-3
Back to TopTop