Beyond 2014: Formal Methods for Attack Tree--based Security Modeling
W Wideł, M Audinot, B Fila, S Pinchinat - ACM Computing Surveys …, 2019 - dl.acm.org
Attack trees are a well established and commonly used framework for security modeling.
They provide a readable and structured representation of possible attacks against a system …
They provide a readable and structured representation of possible attacks against a system …
Timed automata as a formalism for expressing security: A survey on theory and practice
J Arcile, É André - ACM Computing Surveys, 2022 - dl.acm.org
Timed automata are a common formalism for the verification of concurrent systems subject to
timing constraints. They extend finite-state automata with clocks, that constrain the system …
timing constraints. They extend finite-state automata with clocks, that constrain the system …
Nodemedic: End-to-end analysis of node. js vulnerabilities with provenance graphs
Packages in the Node. js ecosystem often suffer from serious vulnerabilities such as
arbitrary command injection and code execution. Existing taint analysis tools fall short in …
arbitrary command injection and code execution. Existing taint analysis tools fall short in …
Quantitative security risk modeling and analysis with RisQFLan
Abstract Domain-specific quantitative modeling and analysis approaches are fundamental in
scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we …
scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we …
Semi-automatically augmenting attack trees using an annotated attack tree library
We present a method for assisting the semi-automatic creation of attack trees. Our method
allows to explore a library of attack trees, select elements from this library that can be …
allows to explore a library of attack trees, select elements from this library that can be …
Reasoning about moving target defense in attack modeling formalisms
Since 2009, Moving Target Defense (MTD) has become a new paradigm of defensive
mechanism that frequently changes the state of the target system to confuse the attacker …
mechanism that frequently changes the state of the target system to confuse the attacker …
Efficient attack-defense tree analysis using Pareto attribute domains
B Fila, W Wideł - 2019 IEEE 32nd Computer Security …, 2019 - ieeexplore.ieee.org
The cheapest attacks are often time-consuming, and those requiring high level of technical
skills might occur rarely but result in disastrous consequences. Therefore, analysis focusing …
skills might occur rarely but result in disastrous consequences. Therefore, analysis focusing …
Security modelling and assessment of modern networks using time independent Graphical Security Models
Abstract Graphical Security Models (GSMs), such as an Attack Graph, are used to assess the
security of networks, but they are often limited to assess the security of the given network …
security of networks, but they are often limited to assess the security of the given network …
A minimum defense cost calculation method for attack defense trees
B Xu, Z Zhong, G He - Security and Communication Networks, 2020 - Wiley Online Library
The cyberphysical system (CPS) is becoming the infrastructure of society. Unfortunately, the
CPS is vulnerable to cyberattacks, which may cause environmental pollution, property …
CPS is vulnerable to cyberattacks, which may cause environmental pollution, property …