EICC

Smartphones are more and more included into our personal and business environment. A data leakage of personal data violates our privacy, leaked business data might even mean a huge financial loss. Thus, many companies provide IT-security training to ...

With the evolution of threats and attacks and the speed of automation, new modern training and learning environments are needed to support the challenges of digital organizations and societies. In recent years, cyber ranges, i.e., virtual environments ...

COVID-19's impact has surpassed from personal and global health to our social life. In terms of digital presence, it is speculated that during pandemic, there has been a significant rise in cyberbullying. In this paper, we have examined the hypothesis ...

Identity leakage is the public disclosure of user accounts that were stolen from an online service provider, e.g. email adresses and passwords. Identity leakage is an emerging threat to the security of user accounts because the number of online ...

In the past, stack smashing attacks and buffer overflows were some of the most insidious data-dependent bugs leading to malicious code execution or other unwanted behavior in the targeted application. Since reliable mitigations such as fuzzing or static ...

Network covert channels embedded within network conversations are becoming widely adopted to enforce privacy of users or bypass censorship attempts as well as by malware to remain unnoticed while exfiltrating data or coordinating an attack. As a ...

The forensic investigation of data stored on mobile devices is a common option to analyze and solve cyber-crime cases. The analysis of the installed applications extracts and collects information to clarify unknown conditions and might provide ...

In terms of application security, detecting security vulnerabilities in prior and fixing them is one of the effective ways to prevent malicious activities. However, finding security bugs is highly reliant upon human experts due to its complexity. ...

The proportion of women in information technology (IT) work is low, however, the growing field of cybersecurity attracts even fewer women. This paper reports from a study exploring what motivates women to enter IT in general and cybersecurity in ...

This poster reports on an exploratory study of E2EE communication software adoption factors among academics at five Slovenian universities (N = 367). The results of the study suggest that information sensitivity plays an important role in adoption of ...

Rapidly-changing cloud environments that consist of heavily interconnected components are difficult to secure. Existing solutions often try to correlate many weak indicators to identify and reconstruct multi-step cyber attacks. The lack of a true, ...

Security is an important software quality attribute albeit, as a nonfunctional requirement, often overlooked. Although several approaches for security requirements engineering exist, it is not clear how to adapt security requirements to software end ...

We present a covert channel between two network devices where one authenticates itself with Lamport's one-time passwords based on a cryptographic hash function. Our channel enables plausible deniability. We also present countermeasures to detect the ...

Data of industrial control systems (ICS) are increasingly subject to cyber attacks which should be detected by approaches such as anomaly detection before they can take effect. However, examples such as Stuxnet, Industroyer or Triton show that, despite ...

Data hiding provides a collection of techniques that can be used within a wider cybersecurity or privacy framework, making it possible, for example, to protect the users' privacy in streaming or broadcasting of multimedia contents or to detect ...