Digital Threats: Research and Practice (DTRAP)


Digital Threats: Research and Practice (DTRAP) is a peer-reviewed journal that targets the prevention, identification, mitigation, and elimination of digital threats.  DTRAP promotes the foundational development of scientific rigor in digital security by bridging the gap between academic research and industry practice.  Accordingly, the journal welcomes the submission of scientifically rigorous manuscripts that address extant digital threats, rather than laboratory models of potential threats.  To be accepted for publication, manuscripts must demonstrate scientific rigor and present results that are reproducible." 

DTRAP invites researchers and practitioners to submit manuscripts that present scientific observations about the identification, prevention, mitigation, and elimination of digital threats in all areas, including computer hardware, software, networks, robots, industrial automation, firmware, digital devices, etc.  For articles involving analysis, the journal requires the use of relevant data and the demonstration of the importance of the results.  For articles involving the results of structured observation such as experimentation and case studies, the journal requires explicit inclusion of rigorous practices; for example, experiments should clearly describe why internal validity, external validity, containment, and transparency hold for the experiment described. Read more.

Click here for Author Guidelines and the DTRAP manuscript submission site.

Forthcoming Articles

The Identity Ecosystem

Fingerpointing False Positives - How to better integrate Continuous Improvement into Security Monitoring

This paper is about how you can make your Security Operation Center more efficient and give your bored-out analysts more purpose, by making a small change to your security monitoring process. With a potential huge change in your workflow, and improved results.

The Sorry State of TLS Security in Enterprise Interception Appliances

SCA-Pitaya: A Practical and Affordable Side-Channel Attack Setup for Power Leakage-Based Evaluations

Athough side-channel attacks appeared almost two decades ago, they remain very little discussed by security professionals outside the academia, or very specific sectors (e.g. smartcard industry, governments). However, with the increasing generalisation of IoT systems, they are a threat that can no longer be ignored by the operational world. This work aims to demonstrate that side-channel attacks can be practically achieved by an attacker, with reasonable means, effort, knowledge, and time. For this purpose, the contribution of this work is twofold. First, it is shown how a side-channe attack setup exploiting power leakages through electro-magnetic radiations, and making use of general-purpose and affordable equipment can be built. The acquisition of attack power traces is made thanks to a Red Pitaya STEMlab platform coupled with a home-built radio front-end. Second, it is shown how an attack can be conducted against targets that are representative of IoT devices: 8-bit and 32-bit Arduino boards.

All ACM Journals | See Full Journal Index