Hybrid Event

Event program

Tuesday, 9/28/2021 3:00 PM - 7:00 PM, Bellavista, Grand hotel Adriatic, Opatija 3:00 PM - 7:00 PM Papers  1. B. Novković (Fakultet elektrotehnike i računarstva, Zagreb, Croatia) A Taxonomy of Defenses against Memory Corruption Attacks  Vulnerabilities caused by memory corruption related bugs are a pervasive and seemingly insurmountable threat, continually undermining the security of the whole computing environment. Along with a concise enumeration of existing attacks and bugs, we give a brief insight into state-of-the-art defenses introduced throughout the years, with a special focus on operating system defenses. 2. V. Korzhik, V. Starostin, M. Kabardov, V. Yakovlev, A. Gerasimovich, A. Zhuvikin (The Bonch-Bruevich Saint-Petersburg State University of Telecommunications, Saint-Petersburg , Russian Federation) Optimization of the Key Sharing Protocol for Noiseless Public Channels without the Use of Cryptographic Assumptions  Traditional physical-layer based secret key sharing scheme typically suggests some cryptographic assumption. In this paper we develop the key sharing protocol for noiseless public channels without any cryptographic assumptions that was proposed recently by the same group of authors. But in contrast to our previous investigations we introduce here more profound research of previous approach. First of all we replace four-step protocol presented before to two-step protocol without loss of key security. A comparison of protocol with and without additional sub key channel is given. Impossibility to use integers instead of matrices in execution of information exchange over the channel is demonstrated. Selecting of the main key sharing protocol parameters in order to minimize channel traffic, given the key bit reliability and information-theoretic security is provided. As a source of random date that are needed for a creation of matrices is tested a compact hardware device generating of truly random sequences. It follows from our investigations that the proposed key sharing protocol can be easily executed by individuals involvedinto ordinary Internet activity providing information theoretical security level even during post quantum period. 3. D. Delija, G. Sirovatka (TVZ, Zagreb, Croatia), I. Špoljarić (MUP, Zagreb, Croatia) Preparation and Planning of the Development of a Proficiency Test in the Field of Digital Forensics  This paper presents the planning and preparation of an proficiency test for the field of digital forensics. The paper provides elaboration of the idea and procedure of creating a forensic experiment, the result of which will be a test of expertise applicable for various organizations engaged in digital forensics. The whole process of planning, selecting forensic tools, defining forensic procedures, and producing test forensic images is shown, explaining and elaborating the criteria used in the selection, and the expected results. The proficiency test is planned for a smart electric bike. 4. B. Novković, A. Božić, M. Golub, S. Groš (Fakultet elektrotehnike i računarstva, Zagreb, Croatia) Confidential Computing as an Attempt to Secure Service Provider's Confidential Client Data in Multi-Tenant Cloud Environment  Cloud-oriented infrastructure posed itself as a predominant deployment paradigm in the recent decade due to its ease of provisioning and relatively low cost. However, entrusting a third party with sensitive data in a multi-tenant environment brings about increased data breach risks. The aim of this paper is to give an insight into challenges and threats encountered in mitigating data breach and repudiation risks for service providers utilizing cloud-based environments. Through constructing and studying a possible cloud-based service, we form a corresponding threat model with a special focus on risks originating from internal actors. We explore confidential computing as a possible solution for data confidentiality in cloud-based systems. 5. D. Delija, Ž. Petrović, G. Sirovtka, M. Žagar (TVZ, Zagreb, Croatia) An Analysis of Wireless Network Security Test Results provided by Raspberry Pi Devices on Kali Linux  This paper provides an analysis of the results of wireless network security testing. Wireless network testing was done using a Raspberry Pi device under the Kali Linux operating system. A legal testing procedure was carried out, tools and testing procedures were presented and the influence of various tools on the reliability of test results was analyzed. The obtained results of various tools have been compared and interpreted with the aim of understanding the actual state of user wireless networks. Analysis of test results indicates serious safety issues that pose a risk to both owners and service providers. 6. K. Knežević (Visoko učilište Algebra, Zagreb, Croatia) Generating Prim Numbers Using Genetic Algorithms  Genetic algorithms are well-known and frequently used heuristic methods for solving optimization problems. The theme of the paper is the application of genetic algorithms for generating large prime numbers that have special significance in cryptography. An introduction to the theory of prime numbers and the methods used to check the primality of a large number are shown. The implementation of a genetic algorithm for generating prime numbers is presented with a convenient representation and genetic operators. The results were analyzed and graphically presented for different genetic algorithm parameters. 7. D. Delija, I. Mohenski, G. Sirovatka (Zagreb University of Applied Sciences, Zagreb, Croatia) Comparative Analysis of Network Forensic Tools on Different Operating Systems  This paper deals with the theoretical and practical elaboration of the mentioned topics, which gives an insight into digital forensics, network forensics, collection and analysis of digital evidence, and the tools with which the above is done. An insight into the comparison of tools is provided, which begins with the selection of tools according to the stated criteria and the description of the tools with the operating systems on which they run. The comparison itself begins with defining tasks to test functionality. Upon completion of the above tasks, the obtained results are recorded and later used to analyze the performance of the tool. After the tool comparison, the obtained results are scored and ranked, and then a conclusion is given about the acquired knowledge and experience during the preparation of this paper. 8. D. Lawal, D. Gresty, D. Gan, L. Hewitt (University of Greenwich, London, United Kingdom) Have You Been Framed and Can You Prove it?  This work addresses the potential for a frameup attack through the use of a programmable USB e.g., a ‘Rubber Ducky’ to plant false evidence on someone else’s computer. The aim is to determine who performed these actions, the human or the Rubber Ducky. Experiments were undertaken where a human interacted with a computer and a Rubber Ducky performed the same actions using identical computers, with identical baseline configurations, to detect differences in the artifacts left behind in each case. Forensics images generated from each experiment were analysed using forensics tools. Our findings pose the question can a programmable USB device be used to masquerade as a human, and can the forensic analyst or legal counsel make informed decisions about the provenance of any artifacts identified, as the expert may not be able to differentiate between the actions of the human user or the programmable USB, which could lead to a miscarriage of justice. This work alerts investigators and experts to the potential presence of a programmable USB device, and presents some artifacts that show that a programmable USB could have carried out these actions, which might prevent an innocent individual being wrongfully convicted of a crime they did not commit. 9. I. Nađ (OŠ Eugena Kvaternika, Velika Gorica; Visoko učilište Algebra, Zagreb; Fakultet hrvatskih studija, Zagreb, Croatia) Kriptografija u nastavi matematike u osnovnoj školi   Nastavnici matematike se često u nastavi susreću s pomanjkanjem interesa i motivacije učenika za matematiku. Kako istraživanja pokazuju da rad nastavnika matematike utječe i na rad i motivaciju učenika, na nastavnicima je velika odgovornost da svojim pristupom i zalaganjem obogate nastavni proces novim sadržajima i aktivnostima koji bi bili motivirajući učenicima. U članku se kratko opisuju šifre primjerene za rad u osnovnoj školi, predlažu nastavni sadržaji iz matematike u koje bi se te šifre mogle uključiti te opisuju korelacije s drugim predmetima u osnovnoj školi.

Stjepan Groš (Croatia), Tonimir Kišasondi (Croatia), Mario Spremić (Croatia)

The discount doesn't apply to PhD students.

Stjepan Gros
University of Zagreb
Faculty of Electrical Engineering and Computing
Unska 3
HR-10000 Zagreb, Croatia

E-mail: stjepan.gros@fer.hr

The best papers will get a special award.
Accepted papers will be published in the ISSN registered conference proceedings. Presented papers in English will be submitted for inclusion in the IEEE Xplore Digital Library.
.............
There is a possibility that the selected scientific papers with some further modification and refinement are being published in the Journal of Computing and Information Technology (CIT).