Risks and Security of Internet and Systems 13th International Conference, CRiSIS 2018, Arcachon, France, October 16–18, 2018, Revised Selected Papers

This book constitutes the revised selected papers from the 13th International Conference on Risks and Security of Internet and Systems, CRiSIS 2018, held in Arcachon, France, in October 2018.

The 12 full papers and 6 short papers presented in this volume were carefully reviewed and selected from 34 submissions. They cover diverse research themes that range from classic topics, such as vulnerability analysis and classification; apps security; access control and filtering; cloud security; cyber-insurance and cyber threat intelligence; human-centric security and trust; and risk analysis.

An Empirical Study on the Comprehensibility of Graphical Security Risk Models Based on Sequence Diagrams.- Are Third-Party Libraries Secure? A Software Library Checker for Java.- A prediction-based method for False Data Injection Attacks Detection in Industrial Control Systems.- Outsourcing Signatures of Confidential Documents.- Trust evaluation model for attack detection in Social Internet of Things.- A certificate-less key exchange protocol for IoT.- Personalized, Browser-based Visual Phishing Detection Based on Deep Learning.- Privacy Preserving Data Offloading based on Transformation.- DSTC: DNS-based Strict TLS Configurations.- Authenticated Quality of Service Aware Routing in Software Defined Networks.- On Consent in Online Social Networks: Privacy Impacts and Research Directions (Short Paper).- Enhancing Collaboration between Security Analysts in Security Operations Centers.- RIICS: Risk based IICS segmentation Method.- Effectiveness and Impact measurements of a diversification based Moving Target Defense.- Practical security exploits of the FlexRay in-vehicle communication Protocol.- Connection Dumping Vulnerability Affecting Bluetooth Availability.- A Systematic Method to Describe and Identify Security Threats Based on Functional Requirements.- Optimal Distribution of Privacy Budget in Differential Privacy.