Conveners
Network Security
- Adrian Alexandrescu (Gheorghe Asachi Technical University of Iasi)
Description
Network Security
This paper introduces and develops Temperance, an adversary emulation framework, which can be used by the red team operators to assess the security of the target infrastructure.
To control the host during the post-exploitation phase, the operator implants an agent into the target that calls back to the C2 (Control and Command) server, from which the professionals have full remote control of...
As the challenges with cyber threats increase, prompt detection of exposed assets is needed to minimize attack surfaces and maintain resilience in networked systems. This paper outlines the design and testing of a distributed scanning engine, developed as part of a national cybersecurity initiative on actively advancing active defense capabilities. The system is constructed using simple...
Reconnaissance data generated from scanning engines often provide limited context for actionable decisions to improve cyber defenses. The identification of open ports and exposed services provide a baseline mapping of the digital surface but only present real value in the form of contextualized threat intelligence. This paper puts forth a repeatable process that leverages raw scan results with...
The growing use of Internet of Things (IoT) devices in homes and workplaces has presented significant security issues, particularly due to the opacity with which devices function and handle personal data, especially when cloud services get introduced. Increasingly, IoT platforms rely on external cloud infrastructure to mediate even basic device operations, using remote servers as middle-men to...
The increasing availability of real-time clinical data from medical devices and health information systems creates new opportunities to enhance diagnostic accuracy, preventive care, and patient engagement. This paper proposes a modular, AI-driven architecture for a healthcare decision support platform that integrates predictive analytics, medical image processing, real-time patient monitoring,...
Drones, while critical for numerous applications, are particularly susceptible to a variety of cyber threats. Traditional single-model security solutions often present inherent weaknesses, creating specific attack surfaces that can be exploited by adversaries. This paper aims to explore a multi-modal approach to drone security, addressing these vulnerabilities through system diversity. By...
Java Management Extensions (JMX) are essential for administrating Java applications, yet their exposure via HTTP bridges like Jolokia can create significant security risks. This paper investigates how vendor-specific modifications in downstream enterprise products can alter the attack surface of known vulnerabilities. Focusing on CVE-2023-50780, we analyze a critical misconfiguration in RedHat...
