The Infona portal uses cookies, i.e. strings of text saved by a browser on the user's device. The portal can access those files and use them to remember the user's data, such as their chosen settings (screen view, interface language, etc.), or their login data. By using the Infona portal the user accepts automatic saving and using this information for portal operation purposes. More information on the subject can be found in the Privacy Policy and Terms of Service. By closing this window the user confirms that they have read the information on cookie usage, and they accept the privacy policy and the way cookies are used by the portal. You can change the cookie settings in your browser.
Software-defined networking (SDN) is a networking paradigm to provide automated network management at run time through network orchestration and virtualization. A central controller realizes the automatic network configuration in SDN at run time by conforming to a control plane protocol (e.g., OpenFlow) and switches act as simple forwarding devices. However, SDN are susceptible to cyber attacks and...
IEEE 802.16m, aiming at providing secure communication pathways between the base station (BS) and the mobile station (MS), is a broadband wireless MAN (Metropolitan Area Network) standard. Its security sublayer contains a Privacy Key Management (PKM) protocol, which achieves authentication and key management in the communication process. In this paper, we apply Communicating Sequential Processes (CSP)...
The security flaws of embedded systems have become very valuable targets for cyber criminals. SysML-Sec has been introduced to target the security of these systems during their development stages. However, assessing resistance to attacks during these stages requires efficiently capturing the system's behavior and formally proving security properties from those behaviors. This paper thus proposes (i)...
In this paper, we combine formal modeling and analysis of infrastructures of organizations with sociological explanation to provide a framework for insider threat analysis. We use the higher order logic (HOL) proof assistant Isabelle/HOL to support this framework. In the formal model, we exhibit and use a common trick from the formal verification of security protocols, showing that it is applicable...
Secure multi-party computation allows mutually distrusting parties to compute securely over their private data. However, even in the semi-honest two-party setting, most interesting functions cannot be computed securely in the information-theoretic plain model. Intuitively, the objective of accurately evaluating the output of such functions is inherently inimical to the privacy concerns of the parties...
Several competing smart-home programming frameworks that support third-party app development have emerged. Such frameworks' permission models represent the dividing line between malicious apps that compromise user security and useful apps that provide user benefits. The authors survey the permission models of four popular frameworks: IoTivity, HomeKit, AllJoyn, and SmartThings, then report on their...
The Internet is one of the most rapidly developing technologies. New protocols for the Internet are always developing. This article focuses on the way to simplify development process of new protocols and modeling of network devices. In this paper there is presented general solution architecture and main functional blocks are described. The main objective of this work was to create a general-purpose...
With rapid growth of LTE network and Voice-over-LTE(VoLTE), detecting and preventing security threats like Denial of Service attack becomes a necessary and urgent requirement. VoLTE is an voice solution based on Internet Protocol and 4G LTE technology, at the same time exposing many vulnerabilities when using packet-switched network. There are many heavy weighted detection systems using content analysis,...
Critical infrastructures as water treatment, power distribution, or telecommunications, provide daily services essential to our lifestyle. Any service discontinuity can have a high impact into our society and even into our safety. Thus, security of these systems against intentional threats must be guaranteed. However, many of these systems are based on protocols initially designed to operate on closed,...
The security of Cyber-Physical Systems (CPS) has been recently receiving significant attention from the research community. To this end, this paper sheds the light on a number of security approaches for CPS from two perspectives, namely, control-theoretic and cyber security. Further, threat detectors in various CPS environments are highlighted and discussed. The aim is to demonstrate the lack of coherent...
The evolution of IPv6 technology had become a worldwide trend and showed a significant increase, particularly with the near-coming era named “Internet of Things” or so-called IOT. Concomitant with the transition process from version 4 to version 6, there are open security hole that considered to be vulnerable, mainly against cyber-attacks that poses a threat to companies implements IPv6 network topology...
With the development of internet, the network connection between Industrial Control System (ICS) and public internet has been becoming more and more closely. What's more, the traditional IT system attacks have been spread to ICS and become more frequently. However, the traditional security analysis of IT system is not enough to be applied to ICS. In this paper, we present a tool called Attack Path...
This talk presents results recently published in Software Testing, Verification and Reliability. In recent years, important efforts have been made for offering a dedicated language for modelling and verifying/proving security protocols. However, verifying the security protocol model does not guarantee that the actual implementation of the protocol will fulfil these properties. In this talk we present...
Radio Frequency Identification (RFID) is an efficient technology for identification, tracking and group proof construction. The multi-round protocols for authentication and group proof construction increase the cost with increase in participants. In this work, computational and communication cost of multi-round protocol is calculated to identify the protocol with least cost and high security. The...
Credible BGP (C-BGP) is a lightweight alternative to secure BGP. Its main design objective is to address signature verification costs and deployment challenges associated with S-BGP. To this end, C-BGP defines a control layer of trusted ASes that is comprised of major Autonomous Systems (ASes) in the network. In this environment a non-trusted AS has to verify only the signatures of intermediate ASes...
Programming languages use type systems to reduce number of bugs. Type systems of most languages are not powerful enough to express basic exception safety. Extension of type system in a way that allows representing exception guaranties can provide valuable information to analysis tools. Such tools could even be implemented in type system. We describe a way to extend type system of a given language...
Supervisory Control and Data Acquisition System (SCADA) communication forms major portion of substation automation in smart grid, as it monitors performances of substation components and their parameters. Till date keeping SCADA networks functional was prime focus, but now making it secure is biggest challenge because of their continuous connection to public networks. This paper presents security...
A time-and resource-sensitive simple businessprocess (TR-SBP) consists of a finite set of finite series ofactivities that have timing and resource constraints. A TRSBPseems simple, but its analysis needs to consider whatare not explicitly mentioned as activities and may introducea non-negligible number of intermediate states. In this sense, the analysis has similarities with security protocol analysisthat...
The need to secure communications between personal devices is increasing nowadays, especially in the context of Internet of Things. Authentication between devices which have no prior common knowledge is a challenging problem. One solution consists in using a pre-authenticated auxiliary channel, human assisted or location limited, usually called out-of-band channel. A large number of device pairing...
Automated analysis of protocols involving Diffie-Hellman key exchange is challenging, in part because of the undecidability of the unification problem in relevant theories. In this paper, we justify the use of a more restricted theory that includes multiplication of exponents but not addition, providing unitary and efficient unification. To justify this theory, we compare it to a computational model...
Set the date range to filter the displayed results. You can set a starting date, ending date or both. You can enter the dates manually or choose them from the calendar.