EPIC-ARES

2nd Interdisciplinary Workshop on Applied Research in Embedded, Purpose-specific, Integrated Computing and their Availability, Reliability and Security
  • Date
    Aug 02, 2024
  • Location
    SR05
  • Duration
    13:30 — 15:00
Workshops Lettering

Workshop Chairs

Workshop Chairs Logo Workshop Chairs Logo
  • → Simon Duque Antón
  • → Daniel Fraunholz

Accepted Paper

Detection of AI-Generated Emails - A Case Study
Paweł Gryka (Warsaw University of Technology, Poland), Kacper Gradoń (Warsaw University of Technology, Poland), Marek Kozłowski (Warsaw University of Technology, Poland), Miłosz Kutyła (Warsaw University of Technology, Poland), Artur Janicki (Warsaw University of Technology, Poland)
Full Paper
This is a work-in-progress paper on detecting if a text was written by humans or generated by a language model. In our case study, we focused on email messages. For experiments, we used a mixture of publicly available email datasets with our in-house data, containing in total over 10k emails. Then, we generated their "copies" using large language models (LLMs) with specific prompts. We experimented with various classifiers and feature spaces. We achieved encouraging results, with F1-scores of almost 0.98 for email messages in English and over 0.92 for the ones in Polish, using Random Forest as a classifier. We found that the detection model relied strongly on typographic and orthographic imperfections of the analyzed emails and on statistics of sentence lengths. We also observed the inferior results obtained for Polish, highlighting a need for research in this direction.
Workshop IWCC
Unveiling the Darkness: Analysing Organised Crime on the Wall Street Market Darknet Marketplace using PGP Public Keys
Shiying Fan (Fraunhofer SIT, Germany), Paul Moritz Ranly (Fraunhofer SIT, Germany), Lukas Graner (Fraunhofer SIT, Germany), Inna Vogel (Fraunhofer SIT, Germany), Martin Steinebach (Fraunhofer SIT, Germany)
Full Paper
Darknet marketplaces (DNMs) are digital platforms for e-commerce that are primarily used to trade illegal and illicit products. They incorporate technological advantages for privacy protection and contribute to the growth of cybercriminal activities. In the past, researchers have explored methods to investigate multiple identities of vendors covering different DNMs. Leaving aside phenomena such as malicious forgery of identities or Sybil attacks, usernames and their corresponding PGP public keys are used to build brands around users and are considered a trusted method of vendor authentication across DNMs.

This paper aims to demonstrate a forensic method for linking users on a DNM called the Wall Street Market using shared PGP public keys. We developed a trading reputation system to evaluate the transaction behaviour of each user group sharing PGP keys (i.e., PGP groups). Based on the reputation indicators we introduced, we compared PGP groups with high, medium and low reputation levels. Our research suggests that the observed PGP groups exhibit varying organisational structures in relation to their reputation levels, including a more organised and dense cooperation or a looser form of cooperation. As this paper provides an in-depth understanding of user networks on a DNM associated with PGP keys, it is of particular interest for the detection of organised criminal groups on DNMs.
Workshop IWCC
An Exploratory Case Study on Data Breach Journalism
Jukka Ruohonen (University of Southern Denmark, Denmark), Kalle Hjerppe (University of Turku, Finland), Maximilian von Zastrow (University of Southern Denmark, Denmark)
Full Paper
This paper explores the novel topic of data breach journalism and data breach news through the case of databreaches.net, a news outlet dedicated to data breaches and related cyber crime. Motivated by the issues in traditional crime news and crime journalism, the case is explored by the means of text mining. According to the results, the outlet has kept a steady publishing pace, mainly focusing on plain and short reporting but with generally high-quality source material for the news articles. Despite these characteristics, the news articles exhibit fairly strong sentiments, which is partially expected due to the presence of emotionally laden crime and the long history of sensationalism in crime news. The news site has also covered the full scope of data breaches, although many of these are fairly traditional, exposing personal identifiers and financial details of the victims. Also hospitals and the healthcare sector stand out. With these results, the paper advances the study of data breaches by considering these from the perspective of media and journalism.
Workshop IWCC
ParsEval: Evaluation of Parsing Behavior using Real-world Out-in-the-wild X.509 Certificates
Stefan Tatschner (Fraunhofer AISEC; University of Limerick, Germany), Sebastian N. Peters (Fraunhofer AISEC; Technical University of Munich, Germany), Michael P. Heinl (Fraunhofer AISEC; Technical University of Munich, Germany), Tobias Specht (Fraunhofer AISEC, Germany), Thomas Newe (University of Limerick, Ireland)
Full Paper
X.509 certificates play a crucial role in establishing secure communication over the internet by enabling authentication and data integrity. Equipped with a rich feature set, the X.509 standard is defined by multiple, comprehensive ISO/IEC documents. Due to its internet-wide usage, there are different implementations in multiple programming languages leading to a large and fragmented ecosystem. This work addresses the research question “Are there user-visible and security-related differences between X.509 certificate parsers?”. Relevant libraries offering APIs for parsing X.509 certificates were investigated and an appropriate test suite was developed. From 34 libraries 6 were chosen for further analysis. The X.509 parsing modules of the chosen libraries were called with 186,576,846 different certificates from a real-world dataset and the observed error codes were investigated. This study reveals an anomaly in wolfSSL’s X.509 parsing module and that there are fundamental differences in the ecosystem. While related studies nowadays mostly focus on fuzzing techniques resulting in artificial certificates, this study confirms that available X.509 parsing modules differ largely and yield different results, even for real-world out-in-the-wild certificates.
Workshop EPIC-ARES

Detail EPIC-ARES 02/05

Topics of interest include, but are not limited to 03/05

  • Applied embedded security and resiliency
  • Purpose-specific computing and networking
  • Integrated hardware and software security
  • AI-assisted threat detection and mitigation in purpose-specific devices
  • Resiliency of AI subsystems in integrated software
  • Deception and Moving Target Defense for embedded and integrated systems
  • Wireless survivability in dedicated and cyber-physical environments
  • Privacy and Trustworthiness in distributed software and hardware architectures
  • Protocol security
  • Reliability in transport layer connectivity of integrated systems
  • Social implications of IoT security
  • Social implications of trust in distributed systems
  • Regulatory aspects of embedded, purpose-specific, and integrated computing

Workshop Chairs 04/05

Workshop Chairs

Workshop Chairs Logo
Simon Duque Antón
comlet Verteilte Systeme GmbH, Germany
Workshop Chairs Logo
Daniel Fraunholz
Central Office for Information Technology in the Security Sector (ZITiS), Germany

Program Committee

Anna Hristoskova | Sirris, BE
Farhad Aghili | Sirris, BE
Annanda Rath | Sirris, BE
Sven Plaga | Center for Intelligence and Security Studies (CISS), DE
Marc Ohm | University of Bonn, DE
Michael Rademacher | Fraunhofer FKIE and Hochschule Bonn-Rhein-Sieg, DE
Kai Bader | Central Office for IT in the Security Sector (ZITiS), DE
Bin Han | University of Kaiserslautern-Landau, DE
Jörg Schneider | Federal Network Agency, DE

Submission 05/05

Important Dates

Submission Deadline May 12, 2024
Author Notification May 29, 2024
Proceedings Version Jun 18, 2024
Conference Jul 30 — Aug 02, 2024
Join ARES 2025!

Join us at ARES 2025 in Ghent, Belgium