Full Description
This book constitutes the refereed proceedings of the 29th International Conference on Secure IT Systems, NordSec 2024, held in Karlstad, Sweden, during November 6-7, 2024.
The 25 full papers presented in this book were carefully reviewed and selected from 59 submissions. They focus on topics such as: Authentication; Cryptography; Cyber-Physical Systems; Cybersecurity and Policy; LLMs for Security; Formal Verification; Mobile and IoT; Network Security; and Privacy.
Contents
.- Authentication.
.- Are Swedish Passwords Tougher Than the Rest?.
.- Towards Exploring Cross-Regional and Cross-Platform Differences in Login Throttling.
.- Cryptography.
.- Determining the A5 encryption algorithms used in 2G (GSM) networks.
.- Misbinding Raw Public Keys to Identities in TLS.
.- Small Private Exponent Attacks on Takagi Family Schemes.
.- Cyber-Physical Systems.
.- A Comparison of Deep Learning Approaches for Power-based Side-channel Attacks.
.- Binary-Level Code Injection for Automated Tool Support on the ESP32 Platform.
.- Detecting Cyber and Physical Attacks Against Mobile Robots Using Machine Learning: An Empirical Study.
.- Cybersecurity and Policy.
.- A Gamified Learning Approach for IoT Security Education using Capture-the-Flag Competitions: Architecture and Insights.
.- NIS2 Directive in Sweden: A Report on the Readiness of Swedish Critical Infrastructure.
.- The Cyber Alliance Game: How Alliances Influence Cyber-Warfare.
.- LLMs for Security.
.- Evaluating Large Language Models in Cybersecurity Knowledge with Cisco Certificates.
.- How to Train Your Llama - Efficient Grammar-Based Application Fuzzing Using Large Language Models.
.- The Dual-Edged Sword of Large Language Models in Phishing.
.- Formal Verification.
.- Analysing TLS Implementations using Full-Message Symbolic Execution.
.- Formal Verification of Browser Fingerprinting and Mitigation with Inlined Reference Monitors.
.- Mobile & IoT.
.- Beware of the Rabbit Hole - A Digital Forensic Case Study of DIY Drones.
.- GOTCHA: Physical Intrusion Detection with Active Acoustic Sensing using a Smart Speaker.
.- Security Analysis of Top-Ranked mHealth Fitness Apps: An Empirical Study.
.- Network Security.
.- CCKex: High Bandwidth Covert Channels over Encrypted Network Traffic.
.- Fingerprinting DNS Resolvers using Query Patterns from QNAME Minimization.
.- Formally Discovering and Reproducing Network Protocols Vulnerabilities.
.- Privacy.
.- Enhancing Noise Estimation for Statistical Disclosure Attacks using the Artificial Bee Colony Algorithm.
.- Left Alone Facing a Difficult Choice: An Expert Analysis of Websites Promoting Selected Privacy-Enhancing Technologies.
.- Optimizing Onionbalance: Improving Scalability and Security for Tor Onion Services.
