Export Citations
Save this search
Please login to be able to save your searches and receive alerts for new content matching your search criteria.
- research-articleAugust 2024
The Cryptographic Algorithm Identification: Using Deep Learning to Empower Smart Grids
MIDA '24: Proceedings of the 2024 International Conference on Machine Intelligence and Digital ApplicationsPages 280–285https://doi.org/10.1145/3662739.3663379The smart grid has now been fully implemented with a robust defense system that is built on the primary security principles of “security zoning, network specialization, horizontal isolation, and vertical authentication.” The secure cryptographic module ...
- research-articleSeptember 2023
Black-Box Attack-Based Security Evaluation Framework for Credit Card Fraud Detection Models
INFORMS Journal on Computing (INFORMS-IJOC), Volume 35, Issue 5Pages 986–1001https://doi.org/10.1287/ijoc.2023.1297The security of credit card fraud detection (CCFD) models based on machine learning is important but rarely considered in the existing research. To this end, we propose a black-box attack-based security evaluation framework for CCFD models. Under this ...
- ArticleMay 2023
A Study for Security of Visual Cryptography
AbstractWe verify the achievement of information-theoretic security of Visual Cryptography (VC) based on the detailed attack scenario. In addition, practical VCs use pseudo-random permutation (PRP) as a random shuffle, which we also verify in this case. ...
- research-articleFebruary 2023
Abusive adversarial agents and attack strategies in cyber‐physical systems
CAAI Transactions on Intelligence Technology (CIT2), Volume 8, Issue 1Pages 149–165https://doi.org/10.1049/cit2.12171AbstractThe exponential increase in IoT device usage has spawned numerous cyberspace innovations. IoT devices, sensors, and actuators bridge the gap between physical processes and the cyber network in a cyber‐physical system (CPS). Cyber‐physical system ...
- research-articleNovember 2022
Game Theory Approaches for Evaluating the Deception-based Moving Target Defense
MTD'22: Proceedings of the 9th ACM Workshop on Moving Target DefensePages 67–77https://doi.org/10.1145/3560828.3563995Moving target defense (MTD) is a proactive defensive mechanism proposed to disrupt and disable potential attacks, thus reversing the defender's disadvantages. Cyber deception is a complementary technique that is often used to enhance MTD by utilizing ...
-
- research-articleDecember 2021
The Emperor’s New Autofill Framework:A Security Analysis of Autofill on iOS and Android
ACSAC '21: Proceedings of the 37th Annual Computer Security Applications ConferencePages 996–1010https://doi.org/10.1145/3485832.3485884Password managers help users more effectively manage their passwords, encouraging them to adopt stronger passwords across their many accounts. In contrast to desktop systems where password managers receive no system-level support, mobile operating ...
- research-articleDecember 2020
Multilevel Model of Computer Attack Based on Attributive Metagraphs
Automatic Control and Computer Sciences (ACCS), Volume 54, Issue 8Pages 944–948https://doi.org/10.3103/S0146411620080192AbstractApproaches to recognition of malicious behavior in computer networks and security evaluation of information systems using attributive metagraphs have been considered. Matrices of techniques, tactics, and methods of computer attacks for their ...
- research-articleOctober 2020
Evaluating Cascading Impact of Attacks on Resilience of Industrial Control Systems: A Design-Centric Modeling Approach
CPSS '20: Proceedings of the 6th ACM on Cyber-Physical System Security WorkshopPages 42–53https://doi.org/10.1145/3384941.3409587A design-centric modeling approach was proposed to model the behaviour of the physical processes controlled by Industrial Control Systems (ICS) and study the cascading impact of data-oriented attacks. A threat model was used as input to guide the ...
- research-articleAugust 2020
Refining the evaluation of the degree of security of a system built using security patterns
ARES '20: Proceedings of the 15th International Conference on Availability, Reliability and SecurityArticle No.: 36, Pages 1–7https://doi.org/10.1145/3407023.3407070Evaluating the degree of security of a specific software system is a difficult problem and many metrics have been proposed. However, if the system has been built with a methodology that uses patterns as artifacts, a systematic and rather simple ...
- research-articleJuly 2020
Research of Global Strategic Cyberspace Security Risk Evaluation System Based on Knowledge Service
ICGDA '20: Proceedings of the 2020 3rd International Conference on Geoinformatics and Data AnalysisPages 140–146https://doi.org/10.1145/3397056.3397084In recent years, cyberspace has been formed and is continuously developing. It has fundamentally revolutionized the mechanism by which information is disseminated and utilized, in order to be closely involved in the physical world and human activities. ...
- research-articleJanuary 2019
Security evaluation and design elements for a class of randomised encryptions
IET Information Security (ISE2), Volume 13, Issue 1Pages 36–47https://doi.org/10.1049/iet-ifs.2017.0271This study considers a class of randomised encryption techniques, where the encrypted data suffers from noise through transmission over a communication channel. It focuses on the encoding–encryption framework, where the data is first encoded using error ...
- research-articleAugust 2018
Evaluating the degree of security of a system built using security patterns
ARES '18: Proceedings of the 13th International Conference on Availability, Reliability and SecurityArticle No.: 43, Pages 1–8https://doi.org/10.1145/3230833.3232821A variety of methodologies to build secure systems have been proposed. However, most of them do not say much about how to evaluate the degree of security of their products. In fact, we have no generally-accepted ways to measure if the product of some ...
- research-articleJanuary 2018
Security evaluation on Simeck against zero‐correlation linear cryptanalysis
IET Information Security (ISE2), Volume 12, Issue 1Pages 87–93https://doi.org/10.1049/iet-ifs.2016.0503Since proposed by the National Security Agency in June 2013, two lightweight block ciphers‐SIMON and SPECK have attracted the attention of cryptographers from all over the world. At CHES 2015, Simeck, a new block cipher inspired from both SIMON and SPECK ...
- research-articleNovember 2017
Three-Step Approach to QoS Maintenance in Cloud Computing Using a Third-Party Auditor
Procedia Computer Science (PROCS), Volume 114, Issue CPages 83–92https://doi.org/10.1016/j.procs.2017.09.014Cloud computing is a rapidly evolving service for potential clients who wish to outsource their data storage or subscribe to cloud services. In a data-driven society, every company needs to make cost-effective and responsible decisions in terms of how ...
- research-articleOctober 2017
How formal analysis and verification add security to blockchain-based systems
Blockchain is an integrated technology to ensure keeping record and process transactions with decentralized manner. It is thought as the foundation of future decentralized ecosystem, and collects much attention. However, the maturity of this technology ...
- invited-talkOctober 2015
Getting Beyond Tit for Tat: Better Strategies for Moving Target Prototyping and Evaluation
MTD '15: Proceedings of the Second ACM Workshop on Moving Target DefensePage 55https://doi.org/10.1145/2808475.2808489The cyber moving target (MT) approach has been identified as one of the game-changing themes to rebalance the cyber landscape in favor of defense. MT techniques make cyber systems less static, less homogeneous, and less deterministic in order to create ...
- ArticleJune 2015
A Hierarchical Security-Auditing Methodology for Cloud Computing
SCC '15: Proceedings of the 2015 IEEE International Conference on Services ComputingPages 202–209https://doi.org/10.1109/SCC.2015.36Security concerns are frequently mentioned among the reasons why organizations hesitate to adopt cloud computing. Given the numerous choices of cloud-resource providers, clients often find it difficult to assess their relative advantages and ...
- research-articleNovember 2014
Poisoning behavioral malware clustering
- Battista Biggio,
- Konrad Rieck,
- Davide Ariu,
- Christian Wressnegger,
- Igino Corona,
- Giorgio Giacinto,
- Fabio Roli
AISec '14: Proceedings of the 2014 Workshop on Artificial Intelligent and Security WorkshopPages 27–36https://doi.org/10.1145/2666652.2666666Clustering algorithms have become a popular tool in computer security to analyze the behavior of malware variants, identify novel malware families, and generate signatures for antivirus systems. However, the suitability of clustering algorithms for ...
- articleNovember 2014
A model-driven approach for experimental evaluation of intrusion detection systems
Security and Communication Networks (SACN), Volume 7, Issue 11Pages 1955–1973https://doi.org/10.1002/sec.911Because attacks are becoming more frequent and more complex, intrusion detection systems IDSes need significant improvements to be able to detect new attacks and variants of already known attacks. It is thus necessary to assess precisely their quality ...
- ArticleJuly 2014
Reverse Engineering Web Applications for Security Mechanism Enhancement
COMPSACW '14: Proceedings of the 2014 IEEE 38th International Computer Software and Applications Conference WorkshopsPages 492–497https://doi.org/10.1109/COMPSACW.2014.82This paper focuses on reverse engineering web application for security mechanisms detection in the current design and thereby presents a security evaluation method for web application taking consideration of potential threats, security features provided ...