Search  English (United States) Hrvatski (Hrvatska)

innovative promotional partnershipICT in renewable energy technologies

MIPRO 2020 - 43rd International Convention

ISS - Information Systems Security

Thursday, 10/1/2020 3:00 PM - 7:00 PM, Collegium, Grand hotel Adriatic, Opatija

Hybrid Event

Event program
Thursday, 10/1/2020 3:00 PM - 7:00 PM,
Collegium, Grand hotel Adriatic, Opatija
3:00 PM - 7:00 PM Papers 
1.D. Oreški, D. Andročec (Faculty of Organization and Informatics, University of Zagreb, Varaždin, Croatia)
Genetic Algorithm and Artificial Neural Network for Network Forensic Analytics 
Rapid development of Internet of things (IoT) technologies and their application and importance within various fields arises security issues. New threats require development of appropriate approaches to address them since information security problems could led to serious damages. This work focuses on developing methods for prediction of undesired behaviour. Literature review indicated use of advanced statistical approaches such as logistic regression or multiple regression. However, in the recent years, interest among researchers for applying artificial intelligence techniques is growing. Artificial intelligence approaches shown to be powerful tool for development of efficient predictive models in various fields. Main aim of research presented here is to apply artificial intelligent techniques for intrusion analysis. Our approach is based on the neural networks and genetic algorithms. Neural networks results largely depend on the network parameters which are mostly achieved by trial-and-error. Trial-and-error approach requires a lot of time. Thus, we are applying genetic algorithm to optimize neural networks parameters. Experiments are conducted on the publicly available new dataset, Bot-IoT, consisting of legitimate and simulated IoT network traffic incorporating different types of attacks. Here, we investigate: (i) the level to which available data, can be a good basis for predicting intrusion, (ii) efficiency of neural network approach supported by genetic algorithm for developing useful predictive models.
2.M. Dujmić, D. Delija, G. Sirovatka, M. Žagar (TVZ, Zagreb, Croatia)
Using FireEye Endpoint Security for Educational Purposes 
In this paper, it is presented how commercial cybersecurity tool "FireEye Endpoint Security" can be used in the hybrid installation as part of practical student exercises for cybersecurity training in the Network Forensics and Malware Forensics classes. The purpose of student exercise in such a scenario is to understand the capabilities of enterprise-class cybersecurity tools while keeping costs minimal for the university. The working environment is the installation of remote virtual security appliances and university laboratory equipment for independent students' work. This is a scaled-down virtual environment available for independent student work where FireEye Endpoint Security is used in demo and proof-of-concept mode, which requires minimal local installation while providing a full feature set of the tool. Such concept can be used for other commercial tools in same class, or for sharing installation among educational institutions.
3.I. Gribanova, A. Semenov (Matrosov Institute for System Dynamics and Control Theory of Siberian Branch of Russian Academy of S, Irkutsk, Russian Federation)
Constructing a Set of Weak Values for Full-round MD4 Hash Function 
In this paper we describe the construction of a set of full-round MD4 hash values, which are weak against the preimage attack of a special kind. The power estimation for this set, obtained by using an effective probabilistic algorithm, is close to 2^32. According to this, the fraction of weak outputs in the set of all outputs of the MD4 hash function is about 2^-96. Thus, the probability to obtain an easy-invertible output by choosing a random input is significantly higher than 2^-128. These results demonstrate that the full-round MD4 hash function does not have the properties of a random oracle.
4.J. Vijtiuk (Sartura d.o.o, Zagreb, Croatia), L. Perkov, A. Krog (Sartura d.o.o., Zagreb, Croatia)
Bug Detection in Embedded Environments by Fuzzing and Symbolic Execution 
OpenWrt is an Open Source GNU/Linux distribution designed for embedded devices which, although primarily targeting home routers, can run on residential gateways, laptops and other portable devices. RIOT is a real-time multi-threading operating system running on numerous devices that are typically found in the Internet of Things (IoT). Our talk will show how we set up and utilized fuzzing, a software testing process that uses random inputs to track unusual behaviors and crashes, to automatically detect various crashes within both OpenWrt and RIOT Open Source projects. Along with presenting several detected vulnerabilities that expose millions of devices running either OpenWrt or RIOT, we will elaborate on methods and examples on how to identify these issues and improve firmware security.
5.A. Đuranec, S. Gruičić (INsig2 Ltd., Zagreb, Croatia), M. Žagar (Zagreb University of Applied Sciences, Zagreb, Croatia)
Forensic Analysis of Windows 10 Sandbox  
With each Windows operating system, Microsoft introduces new features to its users. Newly added features present a challenge to digital forensics examiners as they are not analyzed or tested enough. One of the latest features, introduced in Windows 10 version 1903 is Windows Sandbox; a lightweight, temporary, environment for running untrusted applications. Because of the temporary nature of the Sandbox and insufficient documentation, digital forensic examiners are facing new challenges when examining this newly added feature which can be used to hide different illegal activities. Throughout this paper, the focus will be on analyzing different Windows artifacts and event logs, with various tools, left behind as a result of the user interaction with the Sandbox feature on a clear virtual environment. Additionally, the setup of the testing environment will be explained, the results of testing and interpretation of the findings will be presented, as well as open-source tools used for the analysis.
6.A. Anđelković, K. Hausknecht (INsig2 d.o.o., Zagreb, Croatia), G. Sirovatka (Zagreb University of Applied Sciences, Zagreb, Croatia)
Linux Forensic Triage: Overview of Process and Tools 
Digital forensics dates back into the 1980s, but the importance of Linux forensics was not taken into place until recently. Linux forensics is a distinctive world compared to Microsoft Windows forensics. Although it is commonly used as a name for the entire operating system, Linux is just the name of the kernel, a piece of software that handles interactions between the hardware and end-user applications. Its popularity has not reached the popularity of the Windows operating system, therefore, without many reliable tools on the market, it represents a bigger challenge for digital forensics investigators. Digital triage is the first investigative step of the forensic examination. It is the process in which an investigator collects, assembles, analyses and prioritizes digital evidence from a crime. There are many available tools on the market for performing Linux triage. The most important part is to understand the tool and its capabilities in order to know which one to use for a certain situation. This paper will describe how Linux system is structured, what its architecture contains, how should one correctly approach and analyze the system and how to understand the tools and results they provide.
7.D. Sladović, D. Topolčić (INsig2, Zagreb, Croatia), D. Delija (Zagreb University of Applied Sciences, Zagreb, Croatia)
Overview of Mac System Security and its Impact on Digital Forensics Process 
Nowadays there are 3 main operating systems used, and Mac OS is one of them. Until now Apple published many iterations of their operating system and with that introduced many new features that are related to system security. Even though security-related changes go unnoticed, in the world of digital forensics this presents a challenge. Today encryption can be implemented on both hardware and software level, which can make imaging Mac’s difficult. In addition, security which is meant to protect user data is also used by criminals to restrict access to their computers. This paper will focus on the differences and problems that occur while creating a forensic image, extracting data, impact of devices that have “T1” or “T2” security chip on digital forensic process and remediation methods.
8.I. Kovačević, S. Groš (University of Zagreb, Faculty of Electrical Engineering and Computing, Zagreb, Croatia)
Red Teams - Pentesters, APTs, or Neither 
In cybersecurity, red teams emulate real threats and launch attack operations to assess an organization’s security posture and provide experience to it’s defenders. Although red team engagements share similarities with penetration testing and vulnerability scanning, they differ significantly in terms of goals and purpose. Moreover, just mimicking real threats does not make red teams APTs. This paper summarizes various academic and industrial views on the topic of cyber red teaming and aims at clarifying the common properties that differentiate it from other types of security assessments and real attackers. Based on evidence from case studies and various expert opinions, we have concluded that red teaming is a distinct type of security assessment, and that penetration tests are often mislabeled as red team engagements.
9.K. Skračić (Ericsson Nikola Tesla d.d., Zagreb, Croatia), F. Rukavina, K. Miličić, J. Petrović, P. Pale (Fakultet Elektrotehnike i Računarstva, Zagreb, Croatia)
File Fragment Classification With Focus on OLE and OOXML Classes 
The classification of file fragments is a crucial step in digital forensics and determining filetypes based on available data fragments. Currently explored methods other than forensic hand-examination involve machine learning techniques using features like byte frequency distribution and artificial neural networks with both convolutional and recurrent neural network approach. In this paper, following up on the authors’ previous research, some new approaches to file fragment classification are explored. File type classes which were previously shown to be difficult to differentiate between, specifically older MS Office file format files (doc, ppt and xml), and newer format files (docx, pptx, and xlsx) were now joined into two separate higher-level classes. This leads to a significant increase in the overall classification accuracy, and different approaches to specifically differentiating between subtypes in each of those two meta-classes are further explored in the paper, some with promising results.
10.M. Juric (Student at University of Zagreb Faculty of Electrical Engineering and Computing, Zagreb, Croatia), A. Sandic, M. Brcic (University of Zagreb Faculty of Electrical Engineering and Computing, Zagreb, Croatia)
AI Safety: State of the Field through Quantitative Lens 
Last decade has seen major improvements in the performance of artificial intelligence which has put the notion of AI safety into the public eye. AI safety is a new field of research focused on techniques for building AI beneficial for humans. While there exist survey papers for the field of AI safety, there is a lack of a quantitative look at the research being conducted - a quantitative look which gives a data-driven insight about the field's development. It is immensely useful to understand the research trends and the most pressing questions the field of AI safety faces, since this gives new (and existing) researchers a way to figure out what research questions need most attention. In this paper, we analyze the field of AI safety quantitatively, as well as give insight into what are the most pressing research questions.

Basic information:

Stjepan Groš (Croatia), Tonimir Kišasondi (Croatia), Mario Spremić (Croatia)

Registration / Fees:
Price in EUR
Up to 14 September 2020
From 15 September 2020
Members of MIPRO and IEEE
Students (undergraduate and graduate), primary and secondary school teachers

The discount doesn't apply to PhD students.


Stjepan Gros
University of Zagreb
Faculty of Electrical Engineering and Computing
Unska 3
HR-10000 Zagreb, Croatia


The best papers will get a special award.
Accepted papers will be published in the ISSN registered conference proceedings. Presented papers in English will be submitted for inclusion in the IEEE Xplore Digital Library (and exclusively not presented papers with the justified reason for not being able to be presented).
There is a possibility that the selected scientific papers with some further modification and refinement are being published in the Journal of Computing and Information Technology (CIT).


Opatija, with its 170-year-old tourism tradition, is the leading seaside resort of the Eastern Adriatic and one of the most famous tourist destinations on the Mediterranean. With its aristocratic architecture and style, Opatija has been attracting artists, kings, politicians, scientists, sportsmen, as well as business people, bankers and managers for more than 170 years.

The tourist offer in Opatija includes a vast number of hotels, excellent restaurants, entertainment venues, art festivals, superb modern and classical music concerts, beaches and swimming pools – this city satisfies all wishes and demands.

Opatija, the Queen of the Adriatic, is also one of the most prominent congress cities in the Mediterranean, particularly important for its ICT conventions, one of which is MIPRO, which has been held in Opatija since 1979, and has attracted more than a thousand participants from over forty countries. These conventions promote Opatija as one of the most desirable technological, business, educational and scientific centers in South-eastern Europe and the European Union in general.

For more details, please visit and

News about event
Currently there are no news
Patrons - random
IRB ZagrebHAKOMKončar Elektroindustrija ZagrebENT ZagrebA1 Hrvatska