Author Archives: Menelaos Katsantonis

ARES 2016 – CALL FOR PAPERS

ARES 2016 – CALL FOR PAPERS

***************************************************************************************
The 11th International Conference on Availability, Reliability and Security (ARES 2016)
August 31 – September 2, 2016, Salzburg, Austria
http://www.ares-conference.eu/
****************************************************************************************

***********
ARES CONFERENCE
************
The 11th International Conference on Availability, Reliability and Security (“ARES”) will bring together researchers and practitioners in the area of dependability. ARES will highlight the various aspects of security – with special focus on the crucial linkage between availability, reliability and security.
ARES aims at a full and detailed discussion of the research issues of security as an integrative concept that covers amongst others availability, safety, confidentiality, integrity, maintainability and security in the different fields of applications.
ARES will emphasize the interplay between foundations and practical issues of security in emerging areas such as e-government, m-government, location-based applications, ubiquitous computing, autonomous computing, chances of grid computing etc. ARES is devoted to the critical examination and research challenges of the various aspects of Secure and Dependable Computing and the definition of a future road map.
Selected papers that are accepted by and presented at the ARES Conference will be published, after further revision, in special issues of international journals. The acceptance rate of the ARES 2015 conference was 29% (full papers only). The ARES conferences have been published by Conference Publishing Services (CPS).

************
CONFERENCE OFFICERS
************
General Chair
Dominik Engel, Salzburg University of Applied Sciences, Austria

Program Committee Chairs
Stephen B. Wicker, Cornell University, USA
Dominik Engel, Salzburg University of Applied Sciences, Austria

************
IMPORTANT DATES
************
Submission Deadline: March 13, 2016
Author Notification: May 30, 2016
Proceedings Version: June 20, 2016
Conference: August 31 – September 2, 2016

************
SUBMISSION
************
The proceedings of ARES (including workshops) have been published by Conference Publishing Services (CPS) of IEEE. Authors of selected papers that are accepted by and presented at the ARES Conference (including workshops) will be invited to submit an extended version to special issues of international journals.
Authors are invited to submit research and application papers according the following guidelines: two columns, single-spaced, including figures and references, using 10 pt fonts and number each page.
For the main conference as well as the workshops submission papers are classified into 3 categorizes representing original, previously unpublished work:

full paper (10 pages)
short paper (6 pages)
workshop paper (8 pages, a maximum of 10 pages is tolerated)

Submitted papers will be carefully evaluated based on originality, significance, technical soundness, presentation and clarity of exposition.
Simultaneous submission of the same work to multiple venues, submission of previously published work, or plagiarism constitutes dishonesty or fraud. ARES, like other scientific and technical conferences and journals, prohibits these practices and may take action against authors who have committed them.
Double blind review: ARES requires anonymized submissions – please make sure that submitted papers contain no author names or obvious self-references.
The ARES submission system (EasyChair) is available here: https://easychair.org/conferences/?conf=ares2016

************
PROGRAM COMMITTEE
************
Isaac Agudo, University of Malaga, Spain
Esma Aimeur, University of Montreal, Canada
Philipp Amann, Europol, EC3, Netherlands
Todd R. Andel, University of South Alabama, US
Amin Anjomshoaa, Massachusetts Institute of Technology (MIT), US
Francesco Buccafurri, University of Reggio Calabria, Italy
Luanne Burns Goldrich, The Johns Hopkins University Applied Physics Laboratory, US
Mario Cagalj, University of Split, Croatia
Jordi Castellà-Roca,Rovira i Virgili University of Tarragona, Spain
Lorenzo Cavallaro, Royal Holloway, University of London, UK
David Chadwick, University of Kent, UK
Soon Ae Chun, City University of New York, US
Nathan Clarke, Plymouth University, UK
Marijke Coetzee, University of Johannesburg, South Africa
Mark Dillon, International Criminal Court, NL
Adam Doupé, Arizona State University, US
Pavlos Efraimidis, Democritus University of Thrace, Greece
Christian Engelmann, Oak Ridge National Laboratory, US
Luis Enrique Sánchez Crespo, University of Castilla-la Mancha, Spain
Zekeriya Erkin, TU Delft, Netherlands
Aristide Fattori, Università degli Studi di Milano, Italy
Christophe Feltus, Luxembourg Institute of Science and Technology, Luxembourg
José Maria de Fuentes, Carlos III University of Madrid, Spain
Steven Furnell, Plymouth University, UK
Nico Golde, Qualcomm Research Germany, Germany
Bogdan Groza, Politehnica University of Timisoara, Romania
Dominik Herrmann, University Hamburg, Germany
Martin Gilje Jaatun, SINTEF, Norway
Hai Jin, Huazhong University of Science and Technology, China
Jan Jürjens, TU Dortmund and Fraunhofer ISST, Germany
Sokratis K. Katsikas, University of Piraeus, Greece
Peter Kieseberg, SBA Research, Austria
Ezzat Kirmani, St. Cloud State University, US
Thomas Korak, TU Graz, Austria
Thorsten Kramp, IBM Research Zurich, Switzerland
Ralf Kuesters, University of Trier, Germany
Costas Lambrinoudakis, University of Piraeus, Greece
Shujun Li University of Surrey, UK
Giovanni Livraga, Universita‘ degli Studi di Milano, Italy
Javier Lopez, University of Malaga, Spain
Konstantinos Markantonakis, Royal Holloway, University of London, UK
Keith Martin, Royal Holloway, University of London, UK
Ioannis Mavridis, University of Macedonia, Greece
Wojciech Mazurczyk, Warsaw University of Technology, Poland
Jeffrey McDonald, University of South Alabama, US
Mattia Monga, Universita` degli Studi di Milano, Italy
Haralambos Mouratidis, University of Brighton, UK
Thomas Moyer, MIT Lincoln Laboratory, US
Alexios Mylonas, Staffordshire University, UK
Thomas Nowey, Krones AG, Germany
Christoforos Ntantogian, University of Piraeus, Greece
Rolf Oppliger, eSECURITY Technologies, Switzerland
Jaehong Park, University of Alabama in Huntsville, US
Günther Pernul, University of Regensburg, Germany
Andreas Peter, University of Twente, Netherlands
Stefanie Rinderle-Ma, Vienna University, Austria
Stefanie Roos, TU Dresden, Germany
Domenico Rosaci, University „Mediterranea“ of Reggio Calabria, Italy
Volker Roth, Freie Universität Berlin, Germany
Giovanni Russello, University of Auckland, New Zealand
Mark Scanlon, University College Dublin, Ireland
Sebastian Schinzel, FH Münster, Germany
Jörn-Marc Schmidt, secunet, Germany
Max Schuchard, University of Minnesota, US
Stefan Schulte Vienna University of Technology, Austria
Dimitris Simos, SBA Research, Austria
Jon A. Solworth, University of Illinois at Chicago, US
Mark Strembeck, WU Vienna, Austria
Jakub Szefer, Yale School of Engineering & Applied Science, US
Oliver Theel, Carl von Ossietzky Universität Oldenburg, Germany
Simon Tjoa, St. Pölten University of Applied Sciences, Austria
Andreas Unterweger, Salzburg University of Applied Sciences, Austria
Umberto Villano, Universita‘ del Sannio, Italy
Artemios Voyiatzis, SBA Research, Austria
Xiao Wang, Carnegie Mellon University, US
Jinpeng Wei, Florida International University, US
Christos Xenakis, University of Piraeus, Greece
Fabian Yamaguchi, Göttingen University, Germany
Alec Yasinsac, University of South Alabama, US
Nicola Zannone, Eindhoven University of Technology, Netherlands

************
TOPCIS of interest include, but are not limited to:
************
Authorization and Authentication
Availability and Reliability
Business Continuity & Resilience
Cost/Benefit Analysis
Cryptography
Dependability Aspects for Special Applications (e.g. ERP-Systems, Logistics)
Dependability Aspects of Electronic Government (e-Government)
Dependability Administration
Dependability in Open Source Software
Designing Security Requirements
Digital Forensics
E-Commerce Dependability
Failure Prevention
Identity Management
IPR of Security Technology
Incident Response and Prevention
Information Flow Control
Information Hiding
Internet Dependability
Interoperability Aspects
Intrusion Detection and Fraud Detection
Legal Issues
Mobile Security
Network and Organizational Vulnerability Analysis
Network Security Privacy-Enhancing Technologies
Process based Security Models and Methods
RFID Security and Privacy
Risk planning, Analysis & Awareness
Safety Critical Systems
Secure Enterprise Architectures
Security Issues for Ubiquitous Systems
Security and Privacy in E-Health
Security and Trust Management in P2P and Grid applications
Security and Privacy for Sensor Networks, Wireless/Mobile Devices and Applications
Security and Usability
Security as Quality of Service
Security in Distributed Systems / Distributed Databases
Security in Electronic Payments
Security in Electronic Voting
Software Engineering of Dependable Systems
Software Security
Standards, Guidelines and Certification
Survivability of Computing Systems
Temporal Aspects of Dependability
Threats and Attack Modelling
Trusted Computing
Tools for Dependable System Design and Evaluation
Trust Models and Trust Management
VOIP, Wireless Security

XcodeGhost threat still remains

XcodeGhost is a malware on Apple’s iOS appeared in September 2015. Chinese cybercriminals exploited the fact that official Xcode developer’s kit, almost 3 GB, take long time to be downloaded by Apple’s servers. They offered an easier and faster way to download the Xcode package from cloud file sharing service Baidu. However the offered version proved to be the malicious XcodeGhost as the Chinese cybercriminals planted malware in the original Xcode package. The malware didn’t show off in the developer’s computer but it indirectly infected all the applications compiled with the XcodeGhost compiler. Consequently it made it to the App store and it was detected in more than 300 apps. Infected applications sent information to the XcodeGhost command and control servers (CnC) through http protocol. Additionally according to paloalto security company ([1], [2]) XcodeGhost could be used for phishing passwords by prompt deceptive alert dialog with built-in remote control functionalities. Apple responded quickly to this threat and on 22th of September announced [3] that the infected apps were removed from the App Store. Also pointed out that Xcode should be directly downloaded from Apple and that in other case the package should be assessed for its validity with the «spctl –assess –verbose /Applications/Xcode.app» terminal command on a Gatekeeper enabled system.

However the XcodeGhost threat seems persistent. Quite some time after the disclosure of the threat, some users are sticked to the old infected versions of the apps and the iOS. Additionally, having developers, who had the malicious XcodeGhost version, refresh and validate their Xcode installation is not enough. Most of the developers use third-party components in their programs which can be considered a risk as they cannot be sure if the third-party libraries or sub-programs are infected or not.
Moreover the Fireeye security company [4] monitored customers’ networks and came in some interesting deductions: XcodeGhost has entered into U.S. enterprises and a variant of XcodeGhost is around. In only a month time, 210 enterprises were found to be infected that generated 28.000 attempts to connect to XcodeGhost CnC. Enterprises’ efforts to block the XcodeGhost DNS query inside their networks in order to prevent communication between iPhones and CnCs is not effective when their users are outside their domain.

Besides FireEye identified a new version of malware called XcodeGhost S. XcodeGhost S intends to infect iOS 9 applications and allow them to bypass Apple’s detection. Specifically Apple in a new approach introduced in iOS 9 has made obligatory the use of secure connections through https. This breaks the communications of XcodeGhost infected apps with its CnCs servers that use http. To circulate this problem cybercriminals used an Apple’s feature that allows developers to add exceptions in app’s configuration files (info.plist) to allow http connections. Moreover new XcodeGhost malware concatenates character by character the strings to bypass a simple detection scheme.

Unfortunately there is no feature provided by Apple that automatically inspects iOS devices for XcodeGhost malware. Though SANS researchers [6] suggested that end users should check applications’ logs for suspicious http traffic to «http://init.icloud-analysis.com» and the IP addresses 52.2.85.22, 52.4.74.88, 52.6.167.64, 52.68.131.221, 104.238.125.92.

[1] XcodeGhost Attacker Can Phish Passwords and Open URLs through Infected Apps – paloalto networks
[2] More Details on the XcodeGhost Malware and Affected iOS Apps – paloalto networks
[3] https://www.fireeye.com/blog/threat-research/2015/11/xcodeghost_s_a_new.html – FireEye
[4] https://developer.apple.com/news/?id=09222015a – Apple Developer
[5] https://nakedsecurity.sophos.com/2015/11/09/apples-xcodeghost-malware-still-in-the-machine/
[6] https://isc.sans.edu/diary/Detecting+XCodeGhost+Activity/20171 – SANS ISC InfoSec Forums