Welcome to CCSIT 2024

14th International Conference on Computer Science and Information Technology (CCSIT 2024)

September 21-22, 2024, Copenhagen, Denmark



Accepted Papers
Security Assessment of in-vehicle Network Intrusion Detection in Real-life Scenarios

Kamronbek Yusupov1, Md Rezanur Islam1, Insu Oh2, Mahdi Sahlabadi2, and Kangbin Yim2, 1Software Convergence, Soonchunhyang University, Asan-si, South Korea, 2Department of Information Security Engineering, Soonchunhyang University, Asan-si, South Korea

ABSTRACT

This research focuses on evaluating the security of an intrusion detection system in a CAN bus-based vehicle control network. A series of studies were conducted to evaluate the performance of models proposed by previous researchers, testing their effectiveness in real-world scenarios as opposed to those on which they were trained. The article demonstrates that models trained and tested on the same dataset can only sometimes be considered adequate. An approach that included models trained only on CAN ID, Payload, or full data was chosen. The research results show that such methods are ineffective enough in real-world attack scenarios because they cannot distinguish between new scenarios not presented during training. The results of testing the models in various attack scenarios are presented, and their limitations are identified. In addition, a new method is proposed explicitly for attack scenarios that may occur in the real-world use of an in-vehicle CAN communication system.

KEYWORDS

Intrusion Detection System, Controller Area Network, In-Vehicle Network, LSTM.


Analysing Password Strength for Sophomores

Omar Saad Almousa, Jordan University of Science and Technology, Jordan

ABSTRACT

Passwords are ubiquitous and this will continue for long. Strong passwords are a necessity to protect sensitive information. However, users not only tend to pick weak passwords, but also reuse them over several authentication systems. The existence of weak passwords in a system not only jeopardize that system, but also other systems with overlapping users because of password reuse phenomena. Investigating users’ behaviour in password creation leads to finding ways to avoid weak passwords. One aspect of that is to study the very passwords. In this study we analyse 662 passwords created by fresh students in our faculty. The students picked their passwords to authenticate themselves to a platform for programming practice and assignment solving. Our analysis relied on basic structural parameters such as password length, constructing characters, and entropy. To that end, we coined two definitions for weak and strong passwords. One is alphabet-based, and the other is entropy based. Accordingly, we found that majority of students do not tend to create strong passwords. We believe that this is due to the lack of enforcement of a strong password policy.

KEYWORDS

Passwords, Analysis, Weak password, Strong password.