发布求助
文献互助 智能选刊 最新文献

2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX最新文献

筛选
英文 中文
Vulnerability Modelling for the Analysis of Network Attacks 基于漏洞建模的网络攻击分析
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.49
P. Maggi, D. Pozza, R. Sisto
{"title":"Vulnerability Modelling for the Analysis of Network Attacks","authors":"P. Maggi, D. Pozza, R. Sisto","doi":"10.1109/DepCoS-RELCOMEX.2008.49","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.49","url":null,"abstract":"In order to perform a successful attack on a network, an intruder must know various penetration techniques, also known as exploits. In general, an exploit can be successful only if some pre-conditions are true. Such conditions may involve the presence of vulnerable programs and/or specific software configurations, as well as certain attacker privileges on hosts and network reachability. When an exploit has success, it usually induces a new set of conditions within the network (post-conditions), such as new attacker privileges, and increased connectivity. Therefore, a network attack can be made of a series of exploits that gradually increase the attacker \"power\" on the network, until some final goal has been reached or the whole network has been compromised. Reaching such a goal is possible because of dependencies among exploits in terms of pre- and post-conditions. This paper describes how the OVAL language, originally aimed at describing how to check for the existence of vulnerabilities on hosts, can be enhanced to allow automatic reasoning for precisely determining the possible chains of exploits that an attacker could use to compromise the hosts in the network. Moreover, the paper shows how the description of vulnerabilities can be enriched to allow performing risk analysis, so as to determine the impact of attackers on the network, as well as the likelihood of attacks.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"75 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121040357","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 16
An Approach to Evaluation of Arguments in Trust Cases 信托案件中论点的评估方法
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.39
Lukasz Cyra, J. Górski
{"title":"An Approach to Evaluation of Arguments in Trust Cases","authors":"Lukasz Cyra, J. Górski","doi":"10.1109/DepCoS-RELCOMEX.2008.39","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.39","url":null,"abstract":"Trustworthiness of IT systems can be justified using the concept of a trust case. A trust case is an argument structure which encompasses justification and evidence supporting claimed properties of a system. It represents explicitly an expert's way of assessing that a certain object has certain properties. Trust cases can be developed collaboratively on the basis of evidence and justification of varying quality. They can be complex structures impossible to comprehend fully by a non-expert. A postulated model of communicating trust case contents to an 'ordinary' user is an expert acting on user's behalf and communicating his/her assessment to the user. Therefore, a mechanism for issuing and aggregating experts' assessments is required. The paper proposes such a mechanism which enables assessors to appraise strength of arguments included in a trust case. The mechanism uses Dempster-Shafer's model of beliefs to deal with uncertainty resulting from the lack of knowledge of the expert. Different types of argumentation strategies were identified and for each of them appropriate combination rules were presented.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"46 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122649370","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Software Architecture Behavior Meta-model for Real-Time Systems 实时系统的软件体系结构行为元模型
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.12
A. Bessam, M. Kimour
{"title":"Software Architecture Behavior Meta-model for Real-Time Systems","authors":"A. Bessam, M. Kimour","doi":"10.1109/DepCoS-RELCOMEX.2008.12","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.12","url":null,"abstract":"Component-based software engineering is widely used for developing large and complex software systems. In particular, real-time systems should benefit from this technique to handle complexity and deal with dependability. In real-time systems, applications should not only be logically correct but also behave within time windows. In this paper, we present a metamodel for component-based software description that integrates timing issues. Our metamodel is built by focusing on four functional aspects: interface, static behavior, dynamic behavior, and interaction protocol, to achieve a complete functional model of software components. For each aspect we define its associated time model. Such a time model can be used to check a componentpsilas design against certain properties and to compute the timing properties of component assemblies.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"8 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"125412262","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
The Complexity of Fault-Tolerant Adder Structures 容错加法器结构的复杂性
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.60
J. Biernat
{"title":"The Complexity of Fault-Tolerant Adder Structures","authors":"J. Biernat","doi":"10.1109/DepCoS-RELCOMEX.2008.60","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.60","url":null,"abstract":"To achieve fault-tolerance property of arithmetic circuits several approaches are possible, that differ in the level of hardware redundancy and the coverage of detectable faults. Among them only two are applicable to design of fast fault-tolerant adders. They exploit the concept of residue code or double-rail code. The complexity comparison of the respective fast fault-tolerant adders will be presented.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"42 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"115966044","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 3
Soundness Conditions for Cryptographic Algorithms and Parameters Abstractions in Formal Security Protocol Models 形式安全协议模型中密码算法和参数抽象的完备性条件
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.34
A. Pironti, R. Sisto
{"title":"Soundness Conditions for Cryptographic Algorithms and Parameters Abstractions in Formal Security Protocol Models","authors":"A. Pironti, R. Sisto","doi":"10.1109/DepCoS-RELCOMEX.2008.34","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.34","url":null,"abstract":"When using formal methods, security protocols are usually modeled with a high level of abstraction. In particular, encryption is assumed to be perfect and cryptographic algorithms and their parameters are often abstracted away. This paper states a set of constraints under which, if an abstract protocol model is secure, then a refined model, which takes into account cryptographic algorithms and parameters, is implied to be secure too. The paper also indicates possible exploitations of this result.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"71 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"122824182","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 2
Applying F(I)MEA-technique for SCADA-Based Industrial Control Systems Dependability Assessment and Ensuring F(I) mea技术在基于scada的工业控制系统可靠性评估与保证中的应用
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.23
E. Babeshko, V. Kharchenko, A. Gorbenko
{"title":"Applying F(I)MEA-technique for SCADA-Based Industrial Control Systems Dependability Assessment and Ensuring","authors":"E. Babeshko, V. Kharchenko, A. Gorbenko","doi":"10.1109/DepCoS-RELCOMEX.2008.23","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.23","url":null,"abstract":"Dependability and security analysis of the industrial control computer-based systems (ICS) is an open problem. ICS is a complex system that as a rule consists of two levels - supervisory control and data acquisition (SCADA) and programmable logic controllers (PLC) and has vulnerabilities on both levels. This paper presents results of the SCADA-based ICS dependability and security analysis using a modification of standardized FMEA (failure modes and effects analysis)-technique. The technique mentioned takes into account possible intrusions and is called F(I)MEA (failure (intrusion) modes and effects analysis). F(I)MEA-technique is applied for determining the weakest parts of ICS and the required means of fault prevention, fault detection and fault-tolerance ensuring. An example of F(I)MEA-technique applying for SCADA vulnerabilities analysis is provided. The solutions of SCADA-based ICS dependability improvement are proposed.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"19 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121337512","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 32
A True Random Number Generator with Built-in Attack Detection 一个真正的随机数生成器与内置的攻击检测
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.10
Bernhard Fechner, A. Osterloh
{"title":"A True Random Number Generator with Built-in Attack Detection","authors":"Bernhard Fechner, A. Osterloh","doi":"10.1109/DepCoS-RELCOMEX.2008.10","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.10","url":null,"abstract":"True random number generators (TRNGs) are extensively used in cryptography, simulations and statistics. Metastability is a way to generate true random numbers. By using electromagnetic radiation, a flip-flop in a metastable state can be manipulated to a known state. In this work, we introduce and analyze the concept of a randomized bit-cell, being able to simultaneously produce random numbers and detect active nonintrusive attacks. The experimental comparison with a standard TRNG yields an 11.5 times better distribution of zeros and ones while the TRNGs are under attack. The concept is extended by using a corrector. A perfect distribution can be gained at the expense of a delay which is proportional to the quality of the random source.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"120 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"124165489","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Using UML(VR) for Supporting the Automated Test Data Generation 使用UML(VR)支持自动化测试数据生成
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.57
Dariusz Dymek, L. Kotulski
{"title":"Using UML(VR) for Supporting the Automated Test Data Generation","authors":"Dariusz Dymek, L. Kotulski","doi":"10.1109/DepCoS-RELCOMEX.2008.57","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.57","url":null,"abstract":"Software testing is the most common practice of software quality assurance. In this paper we will present a method of supporting the test data generations using the information from different kinds of UML diagrams. This method is based on the UML(VR) concept which is the extension of the standard UML with vertical relations which define in the formal way the relations between elements from different kinds of diagram. Using these vertical relations we are able to use UML as a base for test data generation for different kinds of tests (module-based, requirement-based, etc.). Such an approach gives us a unique possibility to choose the testing method driven by actual needs.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"72 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"130518782","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 8
Dependability Aspects of e-Learning Systems 电子学习系统的可靠性
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.19
Ali Al-Dahoud, T. Walkowiak, Marek Woda
{"title":"Dependability Aspects of e-Learning Systems","authors":"Ali Al-Dahoud, T. Walkowiak, Marek Woda","doi":"10.1109/DepCoS-RELCOMEX.2008.19","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.19","url":null,"abstract":"This work is devoted to dependability analysis of e-learning systems. Authors present technical aspects of the software part of e-learning systems (e-learning platforms, distant lectures, multimedia presentations and virtual laboratories). Next, a high availability approach to hardware part is discussed. It is followed by a short analysis of several dependability aspects (availability, usability, scalability, interoperability, stability and security) with a conclusion that business continuity is a crucial factor. Therefore, the analysis of the e-learning system monitoring techniques is given. It is followed by a proposition of a new technique of monitoring: the virtual user representative.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"1 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"114425191","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 4
Data Exploration Methods for Transport System Dependability Analysis 运输系统可靠性分析的数据挖掘方法
2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX Pub Date : 2008-06-26 DOI: 10.1109/DepCoS-RELCOMEX.2008.29
H. Maciejewski, T. Lipnicki
{"title":"Data Exploration Methods for Transport System Dependability Analysis","authors":"H. Maciejewski, T. Lipnicki","doi":"10.1109/DepCoS-RELCOMEX.2008.29","DOIUrl":"https://doi.org/10.1109/DepCoS-RELCOMEX.2008.29","url":null,"abstract":"This work is devoted to application of data exploration and data mining techniques for analysis of monitoring databases of a large transport system. The analyses discussed focus on discovering relationships between key metrics of a transport system as such availability / usage profiles of the fleet and various factors on which they apparently depend (such as age, etc.). We demonstrate that building an OLAP system on top the monitoring / maintenance database opens new possibilities for transport system owners to efficiently discover such relationships on their own. This approach turns their monitoring database into a decision support resource in such areas as: optimization of maintenance policies of the transport fleet or discovery of untypical patterns in data (e.g. fraud related). The concepts discussed are illustrated by a number of examples based on real data from the transport system of the Polish Post.","PeriodicalId":167937,"journal":{"name":"2008 Third International Conference on Dependability of Computer Systems DepCoS-RELCOMEX","volume":"191 1","pages":"0"},"PeriodicalIF":0.0,"publicationDate":"2008-06-26","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":null,"resultStr":null,"platform":"Semanticscholar","paperid":"121515090","PeriodicalName":null,"FirstCategoryId":null,"ListUrlMain":null,"RegionNum":0,"RegionCategory":"","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":"","EPubDate":null,"PubModel":null,"JCR":null,"JCRName":null,"Score":null,"Total":0}
引用次数: 1
首页 上一页 下一页 尾页
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
现在去查看 取消
×
提示
确定
请完成安全验证×
相关产品
×
本文献相关产品
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:604180095
Book学术官方微信