HC-Ref: Hierarchical Constrained Refinement for Robust Adversarial Training of GNNs

Recent studies have shown that attackers can catastrophically reduce the performance of GNNs by maliciously modifying the graph structure or node features on the graph. Adversarial training, which has been shown to be one of the most effective defense mechanisms against adversarial attacks in computer vision, holds great promise for enhancing the robustness of GNNs. There is limited research on defending against attacks by performing adversarial training on graphs, and it is crucial to delve deeper into this approach to optimize its effectiveness. Therefore, based on robust adversarial training on graphs, we propose a hierarchical constraint refinement framework (HC-Ref) that enhances the anti-perturbation capabilities of GNNs and downstream classifiers separately, ultimately leading to improved robustness. We propose corresponding adversarial regularization terms that are conducive to adaptively narrowing the domain gap between the normal part and the perturbation part according to the characteristics of different layers, promoting the smoothness of the predicted distribution of both parts. Moreover, existing research on graph robust adversarial training primarily concentrates on training from the standpoint of node feature perturbations and seldom takes into account alterations in the graph structure. This limitation makes it challenging to prevent attacks based on topological changes in the graph. This paper generates adversarial examples by utilizing graph structure perturbations, offering an effective approach to defend against attack methods that are based on topological changes. Extensive experiments on two real-world graph benchmarks show that HC-Ref successfully resists various attacks and has better node classification performance compared to several baseline methods

Evaluating Software Architectures: Development Stability and Evolution

We survey seminal work on software architecture evaluationmethods. We then look at an emerging class of methodsthat explicates evaluating software architectures forstability and evolution. We define architectural stabilityand formulate the problem of evaluating software architecturesfor stability and evolution. We draw the attention onthe use of Architectures Description Languages (ADLs) forsupporting the evaluation of software architectures in generaland for architectural stability in specific

DAG-Based Attack and Defense Modeling: Don't Miss the Forest for the Attack Trees

This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable and quantifiable actions. Methods based on threat trees and Bayesian networks are two well-known approaches to security modeling. However there exist more than 30 DAG-based methodologies, each having different features and goals. The objective of this survey is to present a complete overview of graphical attack and defense modeling techniques based on DAGs. This consists of summarizing the existing methodologies, comparing their features and proposing a taxonomy of the described formalisms. This article also supports the selection of an adequate modeling technique depending on user requirements

Understanding and Specifying Information Security Needs to Support the Delivery of High Quality Security Services

In this paper we present an approach for specifying and prioritizing information security requirements in organizations. It is important to prioritize security requirements since hundred per cent security is\ud not achievable and the limited resources available should be directed to satisfy the most important ones. We propose to explicitly link security requirements with the organization’s business vision, i.e. to provide business\ud rationale for security requirements. The rationale is then used as a basis for comparing the importance of different security requirements.\ud Furthermore we discuss how to integrate the aforementioned solution concepts into a service level management process for security services, which is an important step in IT Governance. We validate our approach by way of a focus group session

Three alternative (?) stories on the late 20th-century rise of game theory

The paper presents three different reconstructions of the 1980s boom of game theory and its rise to the present status of indispensable tool-box for modern economics. The first story focuses on the Nash refinements literature and on the development of Bayesian games. The second emphasizes the role of antitrust case law, and in particular of the rehabilitation, via game theory, of some traditional antitrust prohibitions and limitations which had been challenged by the Chicago approach. The third story centers on the wealth of issues classifiable under the general headline of "mechanism design" and on the game theoretical tools and methods which have been applied to tackle them. The bottom lines are, first, that the three stories need not be viewed as conflicting, but rather as complementary, and, second, that in all stories a central role has been played by John Harsanyi and Bayesian decision theory.game theory; mechanism design; refinements of Nash equilibrium; antitrust law; John Harsanyi

Formal Template-Based Generation of Attack–Defence Trees for Automated Security Analysis

Systems that integrate cyber and physical aspects to create cyber-physical systems (CPS) are becoming increasingly complex, but demonstrating the security of CPS is hard and security is frequently compromised. These compromises can lead to safety failures, putting lives at risk. Attack Defense Trees with sequential conjunction (ADS) are an approach to identifying attacks on a system and identifying the interaction between attacks and the defenses that are present within the CPS. We present a semantic model for ADS and propose a methodology for generating ADS automatically. The methodology takes as input a CPS system model and a library of templates of attacks and defenses. We demonstrate and validate the effectiveness of the ADS generation methodology using an example from the automotive domain