Results 271 to 280 of about 60,731 (309)
Some of the next articles are maybe not open access.
2017 31st International Conference on Advanced Information Networking and Applications Workshops (WAINA), 2017
Software-based systems are nowadays complex and highly distributed. In contrast, existing intrusion detection mechanisms are not always suitable for protecting these systems against new and sophisticated attacks that increasingly appear. In this paper, we present a new generic approach that combines monitoring and formal methods in order to ensure ...
Ouffoue, Georges +3 more
openaire +1 more source
Software-based systems are nowadays complex and highly distributed. In contrast, existing intrusion detection mechanisms are not always suitable for protecting these systems against new and sophisticated attacks that increasingly appear. In this paper, we present a new generic approach that combines monitoring and formal methods in order to ensure ...
Ouffoue, Georges +3 more
openaire +1 more source
Threat Modeling for CSRF Attacks
2009 International Conference on Computational Science and Engineering, 2009Cross-Site Request Forgery (CSRF) vulnerability is extremely widespread and one of the top ten Web application vulnerabilities of the Open Web Application Security Project (OWASP). In this paper, we explore the CSRF vulnerabilities, illustrate the real-world CSRF attack, and present novel CSRF attack tree models. The threat models provide for exploring,
Xiaoli Lin +3 more
openaire +1 more source
2011
We identify attacker modelling as major obstacle when searching for ways to defeat security protocols. For protocols verified to be secure, attacks are discovered. Since this problem is not limited to the Dolev-Yao attacker but applies to all modelled attackers, we propose a new approach. We argue that formal verification methods should be used to show
openaire +1 more source
We identify attacker modelling as major obstacle when searching for ways to defeat security protocols. For protocols verified to be secure, attacks are discovered. Since this problem is not limited to the Dolev-Yao attacker but applies to all modelled attackers, we propose a new approach. We argue that formal verification methods should be used to show
openaire +1 more source
Modeling and Mitigating the Coremelt Attack
2018 Annual American Control Conference (ACC), 2018This paper studies the Coremelt attack, a link-flooding Distributed Denial of Service attack that exhausts the bandwidth at a core network link using low-intensity traffic flows between subverted machines. A dynamical system model is formulated for analyzing the effect of Coremelt attack on a single-link Transmission Control Protocol (TCP) network and ...
Guosong Yang +5 more
openaire +1 more source
On the Probability Model for Asthma Attacks
Journal of Theoretical Biology, 2002In environmental epidemiology, the impact of environmental agents on symptoms or health status is of interest. This influence is described quantitatively in the theory of Whittemore & Keller (1979). They formulated a logistic model for individuals that is useful in evaluation of panel studies in which each participant protocols whether he does or does ...
openaire +2 more sources
Modeling Partial Attacks with Alloy
2010The automated and formal analysis of cryptographic primitives, security protocols and Application Programming Interfaces (APIs) up to date has been focused on discovering attacks that completely break the security of a system. However, there are attacks that do not immediately break a system but weaken the security sufficiently for the adversary.
Amerson Lin, Mike Bond, Jolyon Clulow
openaire +1 more source
Attack and Defense Modeling with BDMP
2010The BDMP (Boolean logic Driven Markov Processes) modeling formalism has recently been adapted from reliability engineering to security modeling. It constitutes an attractive trade-off in terms of readability, modeling power, scalability and quantification capabilities.
Ludovic Piètre-Cambacédès +1 more
openaire +1 more source
The Work-Averse Attacker Model.
2015In this paper we present and validate a novel attacker model based on the \ economic notion that the attacker has limited resources to forge a new \ attack. We focus on the vulnerability exploitation case, whereby the \ attacker has to choose whether to exploit a new vulnerability or keep an old \ one.
Massacci, Fabio, Allodi, Luca
openaire +3 more sources
Evaluation of adaptive attacker models [PDF]
, 2014 In this paper, we model attacker behaviour. We have implemented a usual, i.e., omniscient, attacker and our adaptive attacker. We are going to compare these two models to find whether there is a significant difference between them. We consider the comparison from the attacker point of view and from the point of view of the defender (which wants to ...
Krautsevich L, Yautsiukhin A
openaire +1 more source
Towards Modelling Adaptive Attacker’s Behaviour
2013We describe our model for the behaviour of an attacker. In the model, the attacker has uncertain knowledge about a computer system. Moreover, the attacker tries different attack paths if initially selected ones cannot be completed. The model allows finer-grained analysis of the security of computer systems.
Leanid Krautsevich +2 more
openaire +2 more sources