Nice to know
The byproduct of today’s massive interconnectivity is that basically nothing and no-one is immune to cyber attacks any longer. Sadly, this can be demonstrated rather trivially. It is therefore not surprising that there is no other research area in computer science with as much social and political impact as computer security. We all know that ‘perfect security’ does not exist. However, when it comes to our IT security research agenda we forget this and dedicate our energies to delivering ‘provably secure’ technology. This is a limiting factor: including insecurity in our security research is a great challenge which will open new application areas. Taking advantage of this multidisciplinary terrain, ‘Nice to Know’ talks about old lessons we have not learned in the past and a few crucial challenges we have to tackle in the future, both in research and in education
Transforming acyclic programs
An unfold/fold transformation system is a source-to-source rewriting methodology devised to improve the efficiency of a program. Any such transformation should preserve the main properties of the initial program: among them, termination. In the field of logic programming, the class of acyclic programs plays an important role in this respect, since it is closely related to the one of terminating programs. The two classes coincide when negation is not allowed in the bodies of the clauses. We prove that the Unfold/Fold transformation system defined by Tamaki and Sato preserves the acyclicity of the initial program. From this result, it follows that when the transformation is applied to an acyclic program, then the finite failure set for definite programs is preserved; in the case of normal programs, all major declarative and operational semantics are preserved as well. These results cannot be extended to the class of left-terminating programs without modifying the definition of the transformation
An Improved Constraint-based system for the verification of security protocols
We propose a constraint-based system for the verification of security protocols that improves upon the one developed by Millen and Shmatikov. Our system features (1) a significantly more efficient implementation, (2) a monotonic behavior, which also allows to detect flaws associated to partial runs and (3) a more expressive syntax, in which a principal may also perform explicit checks. We also show why these improvements yield a more effective and practical system
A Simple procedure for finding guessing attacks (extended abstract)
A novel procedure for finding guessing attacks in security protocols is presented. The procedure enjoys a simple and intuitive definition, and is easily implementable
Towards Realistic Threat Modeling: Attack Commodification, Irrelevant Vulnerabilities, and Unrealistic Assumptions
Current threat models typically consider all possible ways an attacker can
penetrate a system and assign probabilities to each path according to some
metric (e.g. time-to-compromise). In this paper we discuss how this view
hinders the realness of both technical (e.g. attack graphs) and strategic (e.g.
game theory) approaches of current threat modeling, and propose to steer away
by looking more carefully at attack characteristics and attacker environment.
We use a toy threat model for ICS attacks to show how a realistic view of
attack instances can emerge from a simple analysis of attack phases and
attacker limitations. Comment: Proceedings of the 2017 Workshop on Automated Decision Making for
Active Cyber Defens
More on Unfold/Fold Transformations of Normal Programs: Preservation of Fitting's Semantics
The unfold/fold transformation system defined by Tamaki and Sato was meant for definite programs. It transforms a program into an equivalent one in the sense of both the least Herbrand model semantics and the Computed Answer Substitution semantics. Seki extended the method to normal programs and specialized it in order to preserve also the finite failure set. The resulting system is correct wrt nearly all the declarative semantics for normal programs. An exception is Fitting's model semantics. In this paper we consider a slight variation of Seki's method and we study its correctness wrt Fitting's semantics. We define an applicability condition for the fold operation and we show that it ensures the preservation of the considered semantics through the transformation
Core TuLiP
We propose CoreTuLiP - the core of a trust management language based on Logic Programming. CoreTuLiP is based on a subset of moded logic programming, but enjoys the features of TM languages such as RT; in particular clauses are issued by different authorities and stored in a distributed manner. We present a lookup and inference algorithm which we prove to be correct and complete w.r.t. the declarative semantics. CoreTuLiP enjoys uniform syntax and the well-established semantics and is expressive enough to model scenarios which are hard to deal with in RT
APHRODITE: an Anomaly-based Architecture for False Positive Reduction
We present APHRODITE, an architecture designed to reduce false positives in
network intrusion detection systems. APHRODITE works by detecting anomalies in
the output traffic, and by correlating them with the alerts raised by the NIDS
working on the input traffic. Benchmarks show a substantial reduction of false
positives and that APHRODITE is effective also after a "quick setup", i.e. in
the realistic case in which it has not been "trained" and set up optimall
Innovation and R&D – An Introduction (Innovatie en R&D – Een inleiding)
The editorial committee asked me to write a contribution introducing the topic of Innovation. When I accepted the invitation, I realized that at most I could give my personal, and therefore biased, view. I hope readers will not hold that against me. The Dutch word "veiligheid" is an exceptionally broad concept: it is no wonder, then, that it cannot be translated into English with a single word. Veiligheid covers both safety and security. Most readers will be well aware of the difference. Prevention and management of incidents, such as floods, are a matter of safety, but in the case of deliberate attacks (for example espionage) we enter the domain of security. In this article I limit myself to security
Integrity Constraints in Trust Management
We introduce the use, monitoring, and enforcement of integrity constraints in
trust management-style authorization systems. We consider what portions of the
policy state must be monitored to detect violations of integrity constraints.
Then we address the fact that not all participants in a trust management system
can be trusted to assist in such monitoring, and show how many integrity
constraints can be monitored in a conservative manner so that trusted
participants detect and report if the system enters a policy state from which
evolution in unmonitored portions of the policy could lead to a constraint
violation. Comment: An extended abstract appears in the proc. of the 10th ACM Symp. on
Access Control Models and Technologies (SACMAT). 200