Model-based qualitative risk assessment for availability of IT infrastructures
Abstract: For today’s organisations, having a reliable information system is crucial to safeguard enterprise revenues (think of on-line banking, reservations for e-tickets etc.). Such a system must often...

N-Gram against the Machine: On the Feasibility of the N-Gram Network Analysis...
Abstract: In recent years we have witnessed several complex and high-impact attacks specifically targeting “binary” protocols (RPC, Samba and, more recently, RDP). These attacks could not be detected by...

Risk and Business Goal Based Security Requirement and Countermeasure...
Abstract: Companies are under pressure to be in control of their assets but at the same time they must operate as efficiently as possible. This means that they aim to implement “good-enough security” but...

The POLIPO Security Framework
Abstract: Systems of systems are dynamic coalitions of distributed, autonomous and heterogeneous systems that collaborate to achieve a common goal. While offering several advantages in terms of...

Policy Administration in Tag-Based Authorization
Abstract: Tag-Based Authorization (TBA) is a hybrid access control model that combines the ease of use of extensional access control models with the expressivity of logic-based formalisms. The main...

Linking Unlinkability
Abstract: Unlinkability is a privacy property of crucial importance for several systems (such as RFID or voting systems). Informally, unlinkability states that, given two events/items in a system, an...

On Emulation-Based Network Intrusion Detection Systems
Abstract: Emulation-based network intrusion detection systems have been devised to detect the presence of shellcode in network traffic by trying to execute (portions of) the network packet payloads in an...

Hunting the Unknown
Abstract: Data leakage causes significant losses and privacy breaches worldwide. In this paper we present a white-box data leakage detection system to spot anomalies in database transactions. We argue...

Experimental Validation of a Risk Assessment Method
Abstract: [Context and motivation] It is desirable that requirement engineering methods are reliable, that is, that methods can be repeated with the same results. Risk assessment methods, however, often...

Towards Useful Anomaly Detection for Back Office Networks
Abstract: In this paper we present a protocol-aware anomaly detection framework specifically designed for back office networks together with a new automatic method for feature selection that allows to...

μShield
Abstract: Embedded devices are playing a major role in our way of life. Similar to other computer systems embedded devices are vulnerable to code-reuse attacks. Compromising these devices in a critical...

Stealth Low-Level Manipulation of Programmable Logic Controllers I/O by Pin...
Abstract: Input/Output is the mechanism through which Programmable Logic Controllers (PLCs) interact with and control the outside world. Particularly when employed in critical infrastructures, the I/O of...

From Intrusion Detection to Software Design
Abstract: I believe the single most important reason why we are so helpless against cyber-attackers is that present systems are not supervisable. This opinion is developed in years spent working on...

Role Inference + Anomaly Detection = Situational Awareness in BACnet Networks
Abstract: In smart buildings, cyber-physical components (e.g., controllers, sensors, and actuators) communicate with each other using network protocols such as BACnet. Many of these devices are now...

Leveraging Semantics for Actionable Intrusion Detection in Building...
Abstract: In smart buildings, physical components (e.g., controllers, sensors, and actuators) are interconnected and communicate with each other using network protocols such as BACnet. Many smart...

A Matter of Life and Death: Analyzing the Security of Healthcare Networks
Abstract: Healthcare Delivery Organizations (HDOs) are complex institutions where a broad range of devices are interconnected. This inter-connectivity brings security concerns and we are observing an...

Demonstration of new attacks on three healthcare network protocols in a lab...
Abstract: Healthcare delivery organizations such as hospitals are complex infrastructures comprising a broad range of networked devices. They include connected medical devices which can deliver health...