113 views104 votes15 years 8 months ago IFIP 2007»
Capability acquisition graphs (CAGs) provide a powerful framework for modeling insider threats, network attacks and system vulnerabilities. However, CAG-based security modeling sys...
Design diversity is a well-known method to ensure fault tolerance. Such a method has also been applied successfully in various projects to provide intrusion detection and tolerance...
Social network-based Sybil defenses exploit the trust exhibited in social graphs to detect Sybil nodes that disrupt an algorithmic property (i.e., the fast mixing) in these graphs...
We optimally place intrusion detection system (IDS) sensors and prioritize IDS alerts using attack graph analysis. We begin by predicting all possible ways of penetrating a networ...
Attack graphs are important tools for analyzing security vulnerabilities in enterprise networks. Previous work on attack graphs has not provided an account of the scalability of t...
—Recently, there has been significant research interest in leveraging social networks to defend against Sybil attacks. While much of this work may appear similar at first glanc...
228 views176 votes15 years 3 months ago CONEXT 2009»
Building on the popularity of online social networks (OSNs) such as Facebook, social content-sharing applications allow users to form communities around shared interests. Millions...
Retrofitting security implementations to a released software-intensive system or to a system under development may require significant architectural or coding changes. These late...
We study the strategic interaction between a network manager whose goal is to choose (as communication infrastructure) a spanning tree of a network given as an undirected graph, an...
Given the increasing dependence of our societies on information systems, the overall security of these systems should be measured and improved. Existing work generally focuses on ...