Martín Ochoa

Int. J. Inf. Sec., December, 2023

On the Security of Containers: Threat Modeling, Attack Analysis, and Mitigation Strategies.

[BibT_eX]

[DOI]

Ann Yi Wong

Comput. Secur., May, 2023

FooBaR: Fault Fooling Backdoor Attack on Neural Network Training.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2023

Is Modeling Access Control Worth It?

[BibT_eX]

[DOI]

David A. Basin

Juan Guarnizo

Srdan Krstic

Hoang Nguyen Phuoc Bao

Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security, 2023

SealClub: Computer-aided Paper Document Authentication.

[BibT_eX]

[DOI]

Proceedings of the Annual Computer Security Applications Conference, 2023

2022

Constrained Proximity Attacks on Mobile Targets.

[BibT_eX]

[DOI]

ACM Trans. Priv. Secur., 2022

SealClub: Computer-aided Paper Document Authentication.

[BibT_eX]

[DOI]

Jorge Toro-Pozo

David A. Basin

CoRR, 2022

Dynamic face authentication systems: Deep learning verification for camera close-Up and head rotation paradigms.

[BibT_eX]

[DOI]

Comput. Secur., 2022

ATLAS: A Practical Attack Detection and Live Malware Analysis System for IoT Threat Intelligence.

[BibT_eX]

[DOI]

Yan Lin Aung

Proceedings of the Information Security - 25th International Conference, 2022

A Siamese Neural Network for Scalable Behavioral Biometrics Authentication.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security Workshops, 2022

Scalable and Secure HTML5 Canvas-Based User Authentication.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security Workshops, 2022

2021

Combining behavioral biometrics and session context analytics to enhance risk-based static authentication in web applications.

[BibT_eX]

[DOI]

Int. J. Inf. Sec., 2021

SCOPE: Secure Compiling of PLCs in Cyber-Physical Systems.

[BibT_eX]

[DOI]

Int. J. Crit. Infrastructure Prot., 2021

Threat Modeling and Security Analysis of Containers: A Survey.

[BibT_eX]

[DOI]

Ann Yi Wong

CoRR, 2021

AttkFinder: Discovering Attack Vectors in PLC Programs using Information Flow Analysis.

[BibT_eX]

[DOI]

Proceedings of the RAID '21: 24th International Symposium on Research in Attacks, 2021

Centy: Scalable Server-Side Web Integrity Verification System Based on Fuzzy Hashes.

[BibT_eX]

[DOI]

Lizzy Tengana

Jesus Solano

Esteban Rivera

Christian Lopez

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2021

Scanning the Cycle: Timing-based Authentication on PLCs.

[BibT_eX]

[DOI]

Aditya Mathur

Proceedings of the ASIA CCS '21: ACM Asia Conference on Computer and Communications Security, 2021

2020

<i>NoiSense Print</i>: Detecting Data Integrity Attacks on Sensor Measurements Using Hardware-based Fingerprints.

[BibT_eX]

[DOI]

Aditya P. Mathur

ACM Trans. Priv. Secur., 2020

CIMA: Compiler-Enforced Resilience Against Memory Safety Attacks in Cyber-Physical Systems.

[BibT_eX]

[DOI]

Unnikrishnan Cheramangalath

Huaqun Guo

Comput. Secur., 2020

Machine Learning Techniques for Identity Document Verification in Uncontrolled Environments: A Case Study.

[BibT_eX]

[DOI]

Proceedings of the Pattern Recognition - 12th Mexican Conference, 2020

SCRAP: Synthetically Composed Replay Attacks vs. Adversarial Machine Learning Attacks against Mouse-based Biometric Authentication.

[BibT_eX]

[DOI]

Jesus Solano

Christian Lopez

Esteban Rivera

Lizzy Tengana

Proceedings of the AISec@CCS 2020: Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security, 2020

Risk-based Authentication Based on Network Latency Profiling.

[BibT_eX]

[DOI]

Esteban Rivera

Lizzy Tengana

Jesus Solano

Christian Lopez

Proceedings of the AISec@CCS 2020: Proceedings of the 13th ACM Workshop on Artificial Intelligence and Security, 2020

2019

Leveraging Compression-Based Graph Mining for Behavior-Based Malware Detection.

[BibT_eX]

[DOI]

IEEE Trans. Dependable Secur. Comput., 2019

Practical static analysis of context leaks in Android applications.

[BibT_eX]

[DOI]

Jun Sun

Softw. Pract. Exp., 2019

Improving Network Intrusion Detection Classifiers by Non-payload-Based Exploit-Independent Obfuscations: An Adversarial Approach.

[BibT_eX]

[DOI]

Ivan Homoliak

Martin Teknos

Dominik Breitenbacher

Saeid Hosseini

Petr Hanácek

EAI Endorsed Trans. Security Safety, 2019

Insight Into Insiders and IT: A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures.

[BibT_eX]

[DOI]

ACM Comput. Surv., 2019

Careful-Packing: A Practical and Scalable Anti-Tampering Software Protection enforced by Trusted Computing.

[BibT_eX]

[DOI]

Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, 2019

Detection of Threats to IoT Devices using Scalable VPN-forwarded Honeypots.

[BibT_eX]

[DOI]

Proceedings of the Ninth ACM Conference on Data and Application Security and Privacy, 2019

Risk-Based Static Authentication in Web Applications with Behavioral Biometrics and Session Context Analytics.

[BibT_eX]

[DOI]

Proceedings of the Applied Cryptography and Network Security Workshops, 2019

2018

The Wolf Of SUTD (TWOS): A Dataset of Malicious Insider Threat Behavior Based on a Gamified Competition.

[BibT_eX]

[DOI]

Athul Harilal

Ivan Homoliak

Juan Guarnizo

Soumik Mondal

J. Wirel. Mob. Networks Ubiquitous Comput. Dependable Appl., 2018

Assuring BetterTimes.

[BibT_eX]

[DOI]

J. Comput. Secur., 2018

Taming the War in Memory: A Resilient Mitigation Strategy Against Memory Safety Attacks in CPS.

[BibT_eX]

[DOI]

Unnikrishnan Cheramangalath

Huaqun Guo

CoRR, 2018

Insight into Insiders: A Survey of Insider Threat Taxonomies, Analysis, Modeling, and Countermeasures.

[BibT_eX]

[DOI]

CoRR, 2018

Detection of Masqueraders Based on Graph Partitioning of File System Access Events.

[BibT_eX]

[DOI]

Proceedings of the 2018 IEEE Security and Privacy Workshops, 2018

Static analysis of context leaks in android applications.

[BibT_eX]

[DOI]

Jun Sun

Proceedings of the 40th International Conference on Software Engineering: Software Engineering in Practice, 2018

Enforcing Full-Stack Memory-Safety in Cyber-Physical Systems.

[BibT_eX]

[DOI]

Huaqun Guo

Proceedings of the Engineering Secure Software and Systems - 10th International Symposium, 2018

Location Proximity Attacks Against Mobile Targets: Analytical Bounds and Attacker Strategies.

[BibT_eX]

[DOI]

Proceedings of the Computer Security, 2018

<i>NoisePrint</i>: Attack Detection Using Sensor and Process Noise Fingerprint in Cyber Physical Systems.

[BibT_eX]

[DOI]

Proceedings of the 2018 on Asia Conference on Computer and Communications Security, 2018

Finding Dependencies between Cyber-Physical Domains for Security Testing of Industrial Control Systems.

[BibT_eX]

[DOI]

Proceedings of the 34th Annual Computer Security Applications Conference, 2018

2017

Jif-Based Verification of Information Flow Policies for Android Apps.

[BibT_eX]

[DOI]

Lina M. Jimenez

Sandra Julieta Rueda

Int. J. Secur. Softw. Eng., 2017

NoiSense: Detecting Data Integrity Attacks on Sensor Measurements using Hardware based Fingerprints.

[BibT_eX]

[DOI]

Aditya Mathur

CoRR, 2017

Detection of Unauthorized IoT Devices Using Machine Learning Techniques.

[BibT_eX]

[DOI]

CoRR, 2017

Gamifying Education and Research on ICS Security: Design, Implementation and Results of S3.

[BibT_eX]

[DOI]

CoRR, 2017

ProfilIoT: a machine learning approach for IoT device identification based on network traffic analysis.

[BibT_eX]

[DOI]

Proceedings of the Symposium on Applied Computing, 2017

Reasoning about Probabilistic Defense Mechanisms against Remote Attacks.

[BibT_eX]

[DOI]

Proceedings of the 2017 IEEE European Symposium on Security and Privacy, 2017

Enforcing Memory Safety in Cyber-Physical Systems.

[BibT_eX]

[DOI]

David K. Y. Yau

Proceedings of the Computer Security - ESORICS 2017 International Workshops, 2017

Design-time Quantification of Integrity in Cyber-physical Systems.

[BibT_eX]

[DOI]

Eric Rothstein Morris

Carlos G. Murguia

Proceedings of the 2017 Workshop on Programming Languages and Analysis for Security, 2017

TWOS: A Dataset of Malicious Insider Threat Behavior Based on a Gamified Competition.

[BibT_eX]

[DOI]

Athul Harilal

Juan Guarnizo

Ivan Homoliak

Proceedings of the 2017 International Workshop on Managing Insider Security Threats, Dallas, TX, USA, October 30, 2017

SIPHON: Towards Scalable High-Interaction Physical Honeypots.

[BibT_eX]

[DOI]

Proceedings of the 3rd ACM Workshop on Cyber-Physical System Security, 2017

Gamifying ICS Security Training and Research: Design, Implementation, and Results of S3.

[BibT_eX]

[DOI]

Proceedings of the 2017 Workshop on Cyber-Physical Systems Security and PrivaCy, 2017

Legacy-Compliant Data Authentication for Industrial Control System Traffic.

[BibT_eX]

[DOI]

Daniele Antonioli

Nils Ole Tippenhauer

Proceedings of the Applied Cryptography and Network Security, 2017

2016

Q-Floid: Android Malware detection with Quantitative Data Flow Graphs.

[BibT_eX]

[DOI]

Sandra Julieta Rueda

Proceedings of the Singapore Cyber-Security Conference (SG-CRC) 2016, 2016

Enhancing Operation Security using Secret Sharing.

[BibT_eX]

[DOI]

Proceedings of the 13th International Joint Conference on e-Business and Telecommunications (ICETE 2016), 2016

Umlchange - specifying model changes to support security verification of potential evolution.

[BibT_eX]

[DOI]

Proceedings of the Software Engineering 2016, 2016

MalFlow: identification of C&C servers through host-based data flow profiling.

[BibT_eX]

[DOI]

Proceedings of the 31st Annual ACM Symposium on Applied Computing, 2016

Generating behavior-based malware detection models with genetic programming.

[BibT_eX]

[DOI]

Proceedings of the 14th Annual Conference on Privacy, Security and Trust, 2016

MACKE: compositional analysis of low-level vulnerabilities with symbolic execution.

[BibT_eX]

[DOI]

Proceedings of the 31st IEEE/ACM International Conference on Automated Software Engineering, 2016

Sound and Precise Cross-Layer Data Flow Tracking.

[BibT_eX]

[DOI]

Enrico Lovat

Proceedings of the Engineering Secure Software and Systems - 8th International Symposium, 2016

MaxPace: Speed-constrained location queries.

[BibT_eX]

[DOI]

Per A. Hallgren

Andrei Sabelfeld

Proceedings of the 2016 IEEE Conference on Communications and Network Security, 2016

2015

The Meaning of Attack-Resistant Programs.

[BibT_eX]

[DOI]

Vijay Ganesh

Sebastian Banescu

CoRR, 2015

FEEBO: An Empirical Evaluation Framework for Malware Behavior Obfuscation.

[BibT_eX]

[DOI]

CoRR, 2015

InnerCircle: A parallelizable decentralized privacy-preserving location proximity protocol.

[BibT_eX]

[DOI]

Per A. Hallgren

Andrei Sabelfeld

Proceedings of the 13th Annual Conference on Privacy, Security and Trust, 2015

BetterTimes - Privacy-Assured Outsourced Multiplications for Additively Homomorphic Encryption on Finite Fields.

[BibT_eX]

[DOI]

Per A. Hallgren

Andrei Sabelfeld

Proceedings of the Provable Security, 2015

A framework for empirical evaluation of malware detection resilience against behavior obfuscation.

[BibT_eX]

[DOI]

Proceedings of the 10th International Conference on Malicious and Unwanted Software, 2015

A Framework for Measuring Software Obfuscation Resilience against Automated Attacks.

[BibT_eX]

[DOI]

Sebastian Banescu

Proceedings of the 1st IEEE/ACM International Workshop on Software Protection, 2015

Idea: Unwinding Based Model-Checking and Testing for Non-Interference on EFSMs.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

Idea: Benchmarking Indistinguishability Obfuscation - A Candidate Implementation.

[BibT_eX]

[DOI]

Proceedings of the Engineering Secure Software and Systems - 7th International Symposium, 2015

Short Paper: The Meaning of Attack-Resistant Systems.

[BibT_eX]

[DOI]

Vijay Ganesh

Sebastian Banescu

Proceedings of the 10th ACM Workshop on Programming Languages and Analysis for Security, 2015

Robust and Effective Malware Detection Through Quantitative Data Flow Graph Metrics.

[BibT_eX]

[DOI]

Proceedings of the Detection of Intrusions and Malware, and Vulnerability Assessment, 2015

2014

Evolution of Security Engineering Artifacts: A State of the Art Survey.

[BibT_eX]

[DOI]

Int. J. Secur. Softw. Eng., 2014

Specifying model changes with UMLchange to support security verification of potential evolution.

[BibT_eX]

[DOI]

Comput. Stand. Interfaces, 2014

DAVAST: data-centric system level activity visualization.

[BibT_eX]

[DOI]

Proceedings of the 11th Workshop on Visualization for Cyber Security, 2014

Model-Based Detection of CSRF.

[BibT_eX]

[DOI]

Marco Rocchetto

Mohammad Torabi Dashti

Proceedings of the ICT Systems Security and Privacy Protection, 2014

Leakage Resilience against Concurrent Cache Attacks.

[BibT_eX]

[DOI]

Proceedings of the Principles of Security and Trust - Third International Conference, 2014

Malware detection with quantitative data flow graphs.

[BibT_eX]

[DOI]

Proceedings of the 9th ACM Symposium on Information, Computer and Communications Security, 2014

2013

VERA: A Flexible Model-Based Vulnerability Testing Tool.

[BibT_eX]

[DOI]

Mohammad Torabi Dashti

Proceedings of the Sixth IEEE International Conference on Software Testing, 2013

2012

Model based security guarantees and change.

[BibT_eX]

[DOI]

Martín Ochoa Ronderos

PhD thesis, 2012

Automatic Quantification of Cache Side-Channels.

[BibT_eX]

[DOI]

Boris Köpf

Laurent Mauborgne

IACR Cryptol. ePrint Arch., 2012

Non-interference on UML State-Charts.

[BibT_eX]

[DOI]

Jan Jürjens

Jorge Cuéllar

Proceedings of the Objects, Models, Components, Patterns - 50th International Conference, 2012

Indistinguishable regions in geographic privacy.

[BibT_eX]

[DOI]

Jorge Cuéllar

Ruben Rios

Proceedings of the ACM Symposium on Applied Computing, 2012

A Sound Decision Procedure for the Compositionality of Secrecy.

[BibT_eX]

[DOI]