Detection of Intrusions and Malware, and Vulnerability Assessment

This book constitutes the proceedings of the 21st International Conference on Detection of Intrusions and Malware, and Vulnerability Assessment, DIMVA 2024, held in Lausanne, Switzerland, during July 1719, 2024.

The 22 full papers and 6 short paper presented in this volume were carefully reviewed and selected from 110 submissions. The papers are organized in thematical sections named: vulnerability detection and defense; malware and threats; mobile and web application security; AI for security; hardware and firmware security; cyber physical systems and IoT.

Inhalt

.- Vulnerability Detection and Defense.
.- Exceptional Interprocedural Control Flow Graphs for x86-64 Binaries.
.- S2malloc: Statistically Secure Allocator for Use-After-Free Protection And More.
.- Acoustic Side-Channel Attacks on a Computer Mouse.
.- Using Semgrep OSS to Find OWASP Top 10 Weaknesses in PHP Applications: A Case Study.
.- Modularized Directed Greybox Fuzzing for Binaries over Multiple CPU Architectures.
.- Malware and Threats.
.- Constructs of Deceit: Exploring Nuances in Modern Social Engineering Attacks.
.- Tarallo: Evading Behavioral Malware Detectors in the Problem Space.
.- Evading Userland API Hooking, Again: Novel Attacks and a Principled Defense Method.
.- Extended Abstract: Evading Packing Detection: Breaking Heuristic-Based Static Detectors.
.- Listening between the Bits: Privacy Leaks in Audio Fingerprints.
.- Mobile and Web Application Security.
.- Bringing UFUs Back into the Air With FUEL: A Framework for Evaluating the Effectiveness of Unrestricted File Upload Vulnerability Scanners.
.- SandPuppy: Deep-state fuzzing guided by automatic detection of state-representative variables.
.- Extended Abstract - Tracking Manifests - Persistent Identifiers in Progressive Web Apps.
.- PayRide: Secure Transport e-Ticketing with Untrusted Smartphone Location.
.- Knocking on Admin's Door: Protecting Critical Web Applications with Deception.
.- AI for Security.
.- Approach for the Optimization of Machine Learning Models for Calculating Binary Function Similarity.
.- Inferring Recovery Steps from Cyber Threat Intelligence Reports.
.- Pairing Security Advisories with Vulnerable Functions Using Open-Source LLMs.
.- Extended Abstract: Assessing Language Models for Semantic Textual Similarity in Cybersecurity.
.- Extended Abstract: A Transfer Learning-based Training Approach for DGA Classification.
.- Hardware and Firmware Security.
.- Seum Spread: Discerning Security Flaws in IoT Firmware Via Call Sequence Semantics.
.- Gluezilla: Efficient and Scalable Software to Hardware Binding using Rowhammer.
.- SmmPack: Obfuscation for SMM Modules.
.- Presshammer: Rowhammer and Rowpress without Physical Address Information.
.- Cyber Physical Systems and IoT.
.- SecMonS: A Security Monitoring Framework for IEC 61850 Substations Based on Configuration Files and Logs.
.- FaultGuard: A Generative Approach to Resilient Fault Prediction in Smart Electrical Grids.
.- Wireless Modulation Identification: filling the gap in IoT networks security audit.
.- Extended Abstract: Assessing GNSS Vulnerabilities in Smart Grids.