发布求助
文献互助 智能选刊 最新文献

Proceedings of the Symposium and Bootcamp on the Science of Security最新文献

筛选
英文 中文
Software and attack centric integrated threat modeling for quantitative risk assessment 以软件和攻击为中心的定量风险评估集成威胁建模
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898390
Bradley Potteiger, Gonçalo Martins, X. Koutsoukos
{"title":"Software and attack centric integrated threat modeling for quantitative risk assessment","authors":"Bradley Potteiger, Gonçalo Martins, X. Koutsoukos","doi":"10.1145/2898375.2898390","DOIUrl":"https://doi.org/10.1145/2898375.2898390","url":null,"abstract":"One step involved in the security engineering process is threat modeling. Threat modeling involves understanding the complexity of the system and identifying all of the possible threats, regardless of whether or not they can be exploited. Proper identification of threats and appropriate selection of countermeasures reduces the ability of attackers to misuse the system. This paper presents a quantitative, integrated threat modeling approach that merges software and attack centric threat modeling techniques. The threat model is composed of a system model representing the physical and network infrastructure layout, as well as a component model illustrating component specific threats. Component attack trees allow for modeling specific component contained attack vectors, while system attack graphs illustrate multi-component, multi-step attack vectors across the system. The Common Vulnerability Scoring System (CVSS) is leveraged to provide a standardized method of quantifying the low level vulnerabilities in the attack trees. As a case study, a railway communication network is used, and the respective results using a threat modeling software tool are presented.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"29 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"127736943","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 41
Operation-level traffic analyzer framework for smart grid 面向智能电网的运营级流量分析框架
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898396
Wenyu Ren, K. Nahrstedt, Timothy M. Yardley
{"title":"Operation-level traffic analyzer framework for smart grid","authors":"Wenyu Ren, K. Nahrstedt, Timothy M. Yardley","doi":"10.1145/2898375.2898396","DOIUrl":"https://doi.org/10.1145/2898375.2898396","url":null,"abstract":"The Smart Grid control systems need to be protected from internal attacks within the perimeter. In Smart Grid, the Intelligent Electronic Devices (IEDs) are resource-constrained devices that do not have the ability to provide security analysis and protection by themselves. And the commonly used industrial control system protocols offer little security guarantee. To guarantee security inside the system, analysis and inspection of both internal network traffic and device status need to be placed close to IEDs to provide timely information to power grid operators. For that, we have designed a unique, extensible and efficient operation-level traffic analyzer framework. The timing evaluation of the analyzer overhead confirms efficiency under Smart Grid operational traffic.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"85 4 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122661953","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Decentralization and security in dynamic traffic light control 动态红绿灯控制中的分权与安全
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898384
Jian Lou, Yevgeniy Vorobeychik
{"title":"Decentralization and security in dynamic traffic light control","authors":"Jian Lou, Yevgeniy Vorobeychik","doi":"10.1145/2898375.2898384","DOIUrl":"https://doi.org/10.1145/2898375.2898384","url":null,"abstract":"Complex traffic networks include a number of controlled intersections, and, commonly, multiple districts or municipalities. The result is that the overall traffic control problem is extremely complex computationally. Moreover, given that different municipalities may have distinct, non-aligned, interests, traffic light controller design is inherently decentralized, a consideration that is almost entirely absent from related literature. Both complexity and decentralization have great bearing both on the quality of the traffic network overall, as well as on its security. We consider both of these issues in a dynamic traffic network. First, we propose an effective local search algorithm to efficiently design system-wide control logic for a collection of intersections. Second, we propose a game theoretic (Stackelberg game) model of traffic network security in which an attacker can deploy denial-of-service attacks on sensors, and develop a resilient control algorithm to mitigate such threats. Finally, we propose a game theoretic model of decentralization, and investigate this model both in the context of baseline traffic network design, as well as resilient design accounting for attacks. Our methods are implemented and evaluated using a simple traffic network scenario in SUMO.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"24 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115515551","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 10
Risk-based attack surface approximation: poster 基于风险的攻击面近似:海报
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898388
Christopher Theisen, L. Williams
{"title":"Risk-based attack surface approximation: poster","authors":"Christopher Theisen, L. Williams","doi":"10.1145/2898375.2898388","DOIUrl":"https://doi.org/10.1145/2898375.2898388","url":null,"abstract":"Proactive security review and test efforts are a necessary component of the software development lifecycle. Since resource limitations often preclude reviewing, testing and fortifying the entire code base, prioritizing what code to review/test can improve a team's ability to find and remove more vulnerabilities that are reachable by an attacker. One way that professionals perform this prioritization is the identification of the attack surface of software systems. However, identifying the attack surface of a software system is non-trivial. The goal of this poster is to present the concept of a risk-based attack surface approximation based on crash dump stack traces for the prioritization of security code rework efforts. For this poster, we will present results from previous efforts in the attack surface approximation space, including studies on its effectiveness in approximating security relevant code for Windows and Firefox. We will also discuss future research directions for attack surface approximation, including discovery of additional metrics from stack traces and determining how many stack traces are required for a good approximation.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131046505","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 0
Abstract runtime structure for reasoning about security: poster 用于安全推理的抽象运行时结构:海报
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898377
Marwan Abi-Antoun, E. Khalaj, R. Vanciu, A. Moghimi
{"title":"Abstract runtime structure for reasoning about security: poster","authors":"Marwan Abi-Antoun, E. Khalaj, R. Vanciu, A. Moghimi","doi":"10.1145/2898375.2898377","DOIUrl":"https://doi.org/10.1145/2898375.2898377","url":null,"abstract":"We propose an interactive approach where analysts reason about the security of a system using an abstraction of its runtime structure, as opposed to looking at the code. They interactively refine a hierarchical object graph, set security properties on abstract objects or edges, query the graph, and investigate the results by studying highlighted objects or edges or tracing to the code. Behind the scenes, an inference analysis and an extraction analysis maintain the soundness of the graph with respect to the code.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"64 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"131204790","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Raindroid: a system for run-time mitigation of Android intent vulnerabilities [poster] Raindroid:一个运行时缓解Android意图漏洞的系统
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898389
B. Schmerl, Jeffrey Gennari, J. Cámara, D. Garlan
{"title":"Raindroid: a system for run-time mitigation of Android intent vulnerabilities [poster]","authors":"B. Schmerl, Jeffrey Gennari, J. Cámara, D. Garlan","doi":"10.1145/2898375.2898389","DOIUrl":"https://doi.org/10.1145/2898375.2898389","url":null,"abstract":"Modern frameworks are required to be extendable as well as secure. However, these two qualities are often at odds. In this poster we describe an approach that uses a combination of static analysis and run-time management, based on software architecture models, that can improve security while maintaining framework extendability. We implement a prototype of the approach for the Android platform. Static analysis identifies the architecture and communication patterns among the collection of apps on an Android device and which communications might be vulnerable to attack. Run-time mechanisms monitor these potentially vulnerable communication patterns, and adapt the system to either deny them, request explicit approval from the user, or allow them.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114549819","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 6
A framework for generation, replay, and analysis of real-world attack variants 用于生成、重播和分析真实世界攻击变体的框架
Proceedings of the Symposium and Bootcamp on the Science of Security Pub Date : 2016-04-19 DOI: 10.1145/2898375.2898392
Phuong Cao, Eric C. Badger, Z. Kalbarczyk, R. Iyer
{"title":"A framework for generation, replay, and analysis of real-world attack variants","authors":"Phuong Cao, Eric C. Badger, Z. Kalbarczyk, R. Iyer","doi":"10.1145/2898375.2898392","DOIUrl":"https://doi.org/10.1145/2898375.2898392","url":null,"abstract":"This paper presents a framework for (1) generating variants of known attacks, (2) replaying attack variants in an isolated environment and, (3) validating detection capabilities of attack detection techniques against the variants. Our framework facilitates reproducible security experiments. We generated 648 variants of three real-world attacks (observed at the National Center for Supercomputing Applications at the University of Illinois). Our experiment showed the value of generating attack variants by quantifying the detection capabilities of three detection methods: a signature-based detection technique, an anomaly-based detection technique, and a probabilistic graphical model-based technique.","PeriodicalId":163427,"journal":{"name":"Proceedings of the Symposium and Bootcamp on the Science of Security","volume":"11 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2016-04-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121000925","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
首页 上一页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信