Secure IT Systems

This book constitutes the refereed proceedings of the 30th Nordic Conference on Secure IT Systems, NordSec 2025, held in Tartu, Estonia, during November 12-13, 2025.

The 29 full papers included in this book were carefully reviewed and selected from 89 submissions. They were organized in topical sections as follows: Cryptography; Artificial Intelligence and Software Security; Network and Communication Security; System and Hardware Security; Threat Analysis; Access Control and Policy Management; Usable Security and Societal Resilience; and Obfuscation.

. -
Cryptography
.

. - DDH-Based Schemes for Multi-Party Function Secret Sharing.

. - Integrating PQC in OpenSSL via Shallow Providers for Cryptographic Agility.

. - Attacking an RSA-like Cryptosystem Using Continued Fractions and Lattices.

. - A Comparative Software Benchmark of Lightweight Hash Functions on 8-bit AVR Using ChipWhisperer.

. - A New Optimized Implementation of SMAUG-T for Lightweight Devices.

. - Exploiting Quantum Point-to-Point Protocol (Q3P) for Denial-of- Service (DoS) Attacks.

. -
Artificial Intelligence and Software Security
.

. - OHRA: Dynamic Multi-Protocol LLM-Based Cyber Deception.

. - Targeted AI-Based Password Guessing Leveraging Email-Derived User Attributes.

. - On the Security and Privacy of AI-based Mobile Health Chatbots.

. - Fairness Under Noise: How Di! erential Privacy A! ects Bias in GANs-Generated Data.

. - GadgetBuilder: An Overhaul of the Greatest Java Deserialization Exploitation Tool.

. - Software Supply Chain Security: Can We Beat the Kill-Chain? A Case Study on the XZ Backdoor.

. -
Network and Communication Security
.

. - MP-LFM: Breaking Subscriber Privacy (even more) by Exploiting Linkability in 5G AKA.

. - Mitigating Tra c Analysis Attacks While Maintaining On-Path Network Observability.

. - Privacy and Security of DNS Resolvers used in the Nordics and Baltics.

. -
System and Hardware Security
.

. - WireTrust: A TrustZone-Based Non-Bypassable VPN Tunnel.

. - Timing Interference in Multi-Core RISC-V Systems: Security Risks and Mitigations.

. - A Walk Down Memory Lane: Timing Analysis of Load and Store Instructions on ARM Cortex-M3 Devices.

. -
Threat Analysis
.

. - An Empirical Evaluation of Intrusion Detection Systems Based on System Calls.

. - Dissecting Mirai: Spatio-Sequential Analysis and Restoration Strategies Using MITRE ATT& CK and D3FEND.

. - Graph Reduction to Attack Trees for (Unobservable) Target Analysis.

. -
Access Control and Policy Management
.

. - Threshold Trust Logic.

. - Mining Attribute-Based Access Control Policies via Categorisation.

. - Multi-entity Control-Based Risk Assessment: A European Digital Identity Wallet Use Case.

. -
Usable Security and Societal Resilience
.

. - From Perception to Protection: A Mental Model-Based Framework for Capturing Usable Security and Privacy Requirements.

. - Understanding APT Defense Through Expert Eyes: A Critical Exploration of Perceived Needs and Gaps.

. - Foreign Disinformation on Swedish Facebook: A Mixed-Methods Thematic Analysis of Manipulative Narratives and Societal Resilience.

. -
Obfuscation
.

. - Key-Gated Generative Obfuscation for Embedded Strings.

. - Bugfuscation.