Advertisement

Position Paper on Recent Cybersecurity Trends: Legal Issues, AI and IoT

  • Junbin Fang
  • Yun Ju Huang
  • Frankie Li
  • Jing LiEmail author
  • Xuan Wang
  • Yang Xiang
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 11058)

Abstract

There is a large number of high-profile cyberattacks identified in the year of 2017, i.e., Ransomware attacks are one of the areas of cybercrime growing the fastest. These increasingly sophisticated cyberattacks are forcing various organisations to face security challenges and invest money building security and trust models. There will also be an increase in the use of recent development of security solutions that can help improve the detection performance and react to malicious events. In this position paper, we mainly introduce recent development trends in cybersecurity, including legal issues (e.g., GDPR), Artificial intelligence (AI), Mobile security and Internet of Things.

Keywords

Cybersecurity Internet of Things Artificial Intelligence General Data Protection Regulation Mobile security 

References

  1. 1.
    Ateniese, G., Magri, B., Venturi, D., Andrade, E.R.: Redactable blockchain - or - rewriting history in bitcoin and friends. In: 2017 IEEE European Symposium on Security and Privacy, EuroS&P 2017, Paris, France, pp. 111–126 (2017)Google Scholar
  2. 2.
    Diro, A.A., Chilamkurti, N.: Deep learning: the frontier for distributed attack detection in Fog-to-Things computing. IEEE Commun. Mag. 56(2), 169–175 (2018)CrossRefGoogle Scholar
  3. 3.
    Chen, L., Hou, S., Ye, Y.: SecureDroid: enhancing security of machine learning-based detection against adversarial android malware attacks. In: Proceedings of ACSAC, pp. 362–372 (2017)Google Scholar
  4. 4.
    Cui, A., Costello, M., Stolfo, S.: When firmware modifications attack: a case study of embedded exploitation. In: Proceedings of NDSS (2013)Google Scholar
  5. 5.
    Chen, W., Luo, X., Yin, C., Xiao, B., Au, M.H., Tang, Y.: Cloudbot: advanced mobile botnets using ubiquitous cloud technologies. Pervasive Mob. Comput. 41, 270–285 (2017)CrossRefGoogle Scholar
  6. 6.
    Chen, S., et al.: Automated poisoning attacks and defenses in malware detection systems: an adversarial machine learning approach. Comput. Secur. 73, 326–344 (2018)CrossRefGoogle Scholar
  7. 7.
    Enck, W., et al.: TaintDroid: an information-flow tracking system for realtime privacy monitoring on smartphones. In: Proceedings of OSDI (2010)Google Scholar
  8. 8.
    Faruki, P., et al.: Android security: a survey of issues, malware penetration, and defenses. IEEE Commun. Surv. Tut. 17(2), 998–1022 (2015)CrossRefGoogle Scholar
  9. 9.
    Jones, M.L., Kaufman, E., Edenberg, E.: AI and the ethics of automating consent. IEEE Secur. Priv. 16(3), 64–72 (2018)CrossRefGoogle Scholar
  10. 10.
    Karbab, E.B., Debbabi, M., Derhab, A., Mouheb, D.: MalDozer: automatic framework for android malware detection using deep learning. Digit. Invest. 24, S48–S59 (2018)CrossRefGoogle Scholar
  11. 11.
    Kong, D., Cen, L., Jin, H.: AUTOREB: automatically understanding the review-to-behavior fidelity in android applications. In: Proceedings of CCS (2015)Google Scholar
  12. 12.
    Loukas, G., Vuong, T., Heartfield, R., Sakellari, G., Yoon, Y., Gan, D.: Cloud-based cyber-physical intrusion detection for vehicles using deep learning. IEEE Access 6, 3491–3508 (2018)CrossRefGoogle Scholar
  13. 13.
    Macenaite, M.: From universal towards child-specific protection of the right to privacy online: dilemmas in the EU general data protection regulation. New Media Soc. 19(5), 765–779 (2017)CrossRefGoogle Scholar
  14. 14.
    Maskiewicz, J., Ellis, B., Mouradian, J., Shacham, H.: Mouse trap: exploiting firmware updates in USB peripherals. In: Proceedings of WOOT (2014)Google Scholar
  15. 15.
    Nguyen, M.H., Nguyen, D.L., Nguyen, X.M., Quan, T.T.: Auto-detection of sophisticated malware using lazy-binding control flow graph and deep learning. Comput. Secur. 76, 128–155 (2018)CrossRefGoogle Scholar
  16. 16.
    Qian, C., Luo, X., Shao, Y., Chan, A.T.: On tracking information flows through JNI in android applications. In: Proceedings of DSN (2014)Google Scholar
  17. 17.
    Ronen, E., OFlynn, C., Shamir, A.: IoT goes nuclear: creating a ZigBee chain reaction. In: Proceedings of the IEEE Symposium on Security and Privacy (2017)Google Scholar
  18. 18.
    Rieck, J.: Attacks on fitness trackers revisited: a case-study of unfit firmware security. https://arxiv.org/abs/1604.03313. Accessed July 2018
  19. 19.
    Shao, Y., Luo, X., Qian, C.: Rootguard: protecting rooted android phones. IEEE Comput. 47(6), 32–40 (2014)CrossRefGoogle Scholar
  20. 20.
    Shoshitaishvili, Y., Wang, R., Hauser, C., Kruegel, C., Vigna, G.: Firmalice - automatic detection of authentication bypass vulnerabilities in binary firmware. In: Proceedings of NDSS (2015)Google Scholar
  21. 21.
    Sufatrio, Tan, D.J.J., Chua, T.W., Thing, V.L.: Securing android: a survey, taxonomy, and challenges. ACM Comput. Surv. 47(4), 58 (2015)CrossRefGoogle Scholar
  22. 22.
    Yan, L., Yin, H.: DroidScope: seamlessly reconstructing the OS and Dalvik semantic views for dynamic android malware analysis. In: Proceedings of USENIX Security (2012)Google Scholar
  23. 23.
    Yu, L., Luo, X., Qian, C., Wang, S., Leung, H.: Enhancing the description-to-behavior fidelity in android apps with privacy policy. IEEE Trans. Softw. Eng. 44, 834–854 (2018)CrossRefGoogle Scholar
  24. 24.
    Yu, L., Zhang, T., Luo, X., Xue, L., Chang, H.: Towards automatically generating privacy policy for android apps. IEEE Trans. Inform. Forensics Secur. 12(4), 865–880 (2017)CrossRefGoogle Scholar
  25. 25.
    Yu, L., Luo, X., Liu, X., Zhang, T.: Can we trust the privacy policies of android apps? In: Proceedings of IEEE/IFIP DSN (2016)Google Scholar
  26. 26.
    Xue, L., Zhou, Y., Chen, T., Luo, X., Gu, G.: Malton: towards on-device non-invasive mobile malware analysis for art. In: Proceedings of USENIX SEC (2017)Google Scholar
  27. 27.
    Xue, L., Qian, C., Luo, X.: AndroidPerf: a cross-layer profiling system for android applications. In: Proceedings of IWQoS (2015)Google Scholar
  28. 28.
    Zhang, Y., Luo, X., Yin, H.: DexHunter: toward extracting hidden code from packed android applications. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9327, pp. 293–311. Springer, Cham (2015).  https://doi.org/10.1007/978-3-319-24177-7_15CrossRefGoogle Scholar

Copyright information

© Springer Nature Switzerland AG 2018

Authors and Affiliations

  • Junbin Fang
    • 1
  • Yun Ju Huang
    • 2
  • Frankie Li
    • 3
  • Jing Li
    • 4
    Email author
  • Xuan Wang
    • 5
  • Yang Xiang
    • 6
    • 7
  1. 1.Jinan UniversityGuangzhouChina
  2. 2.Hong Kong Applied Science and Technology Research Institute (ASTRI)ShatinHong Kong SAR
  3. 3.Dragon Advance TechChinaHong Kong SAR
  4. 4.Guangzhou UniversityGuangzhouChina
  5. 5.Harbin Institute of TechnologyShenzhenChina
  6. 6.State Key Laboratory of Integrated Service Networks (ISN)Xidian UniversityXi’anPeople’s Republic of China
  7. 7.Digital Research and Innovation Capability PlatformSwinburne University of TechnologyMelbourneAustralia

Personalised recommendations