Change search
Refine search result
1 - 5 of 5
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Johnson, Pontus
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Vernotte, Alexandre
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    pwnPr3d: an Attack Graph Driven Probabilistic Threat Modeling Approach2016In: Availability, Reliability and Security (ARES), 2016 11th International Conference on, IEEE conference proceedings, 2016Conference paper (Refereed)
    Abstract [en]

    In this paper we introduce pwnPr3d, a probabilistic threat modeling approach for automatic attack graph generation based on network modeling. The aim is to provide stakeholders in organizations with a holistic approach that both provides high-level overview and technical details. Unlike many other threat modeling and attack graph approaches that rely heavily on manual work and security expertise, our language comes with built-in security analysis capabilities. pwnPr3d generates probability distributions over the time to compromise assets.

  • 2.
    Johnson, Pontus
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Vernotte, Alexandre
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Gorton, Dan
    Foreseeti AB, Sweden.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Quantitative Information Security Risk Estimation using Probabilistic Attack Graphs2016In: RISK: International Workshop on Risk Assessment and Risk-driven Testing: 4th International Workshop, RISK 2016, Held in Conjunction with ICTSS 2016, Graz, Austria, October 18, 2016, Revised Selected Papers, Springer, 2016, Vol. 10224, p. 37-52Conference paper (Refereed)
    Abstract [en]

    This paper proposes an approach, called pwnPr3d, for quantitatively estimating information security risk in ICT systems. Unlike many other risk analysis approaches that rely heavily on manual work and security expertise, this approach comes with built-in security risk analysis capabilities. pwnPr3d combines a network architecture modeling language and a probabilistic inference engine to automatically generate an attack graph, making it possible to identify threats along with the likelihood of these threats exploiting a vulnerability. After defining the value of information assets to their organization with regards to confidentiality, integrity and availability breaches, pwnPr3d allows users to automatically quantify information security risk over time, depending on the possible progression of the attacker. As a result, pwnPr3d provides stakeholders in organizations with a holistic approach that both allows high-level overview and technical details.

  • 3.
    Korman, Matus
    et al.
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Välja, Margus
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Björkman, Gunnar
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Vernotte, Alexandre
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Analyzing the effectiveness of attack countermeasures in a SCADA system2017In: Proceedings - 2017 2nd Workshop on Cyber-Physical Security and Resilience in Smart Grids, CPSR-SG 2017 (part of CPS Week), Association for Computing Machinery, Inc , 2017, p. 73-78Conference paper (Refereed)
    Abstract [en]

    The SCADA infrastructure is a key component for power grid operations. Securing the SCADA infrastructure against cyber intrusions is thus vital for a well-functioning power grid. However, the task remains a particular challenge, not the least since not all available security mechanisms are easily deployable in these reliability-critical and complex, multi-vendor environments that host modern systems alongside legacy ones, to support a range of sensitive power grid operations. This paper examines how effective a few countermeasures are likely to be in SCADA environments, including those that are commonly considered out of bounds. The results show that granular network segmentation is a particularly effective countermeasure, followed by frequent patching of systems (which is unfortunately still difficult to date). The results also show that the enforcement of a password policy and restrictive network configuration including whitelisting of devices contributes to increased security, though best in combination with granular network segmentation.

  • 4.
    Vernotte, Alexandre
    KTH, School of Electrical Engineering (EES), Industrial Information and Control Systems.
    Research Questions for Model-Based Vulnerability Testing of Web Applications2013In: 2013 IEEE SIXTH INTERNATIONAL CONFERENCE ON SOFTWARE TESTING, VERIFICATION AND VALIDATION (ICST 2013), IEEE Computer Society, 2013, p. 505-506Conference paper (Refereed)
    Abstract [en]

    This paper presents my Ph.D. research that focuses on developing concepts and techniques for Model-Based Vulnerability Testing (MBVT) of Web Applications. This research bridges the gap between MBT techniques, which are usually addressed to functional testing, and vulnerability testing, which is mostly done manually or with the assistance of Web Vulnerability Scanners, both techniques having several flaws. In this document, we define the core of the research and its expected contributions to MBT and vulnerability testing. Then, we expose the major key challenges of the research, and finally provide early results.

  • 5.
    Vernotte, Alexandre
    et al.
    KTH, School of Electrical Engineering (EES), Electric Power and Energy Systems.
    Johnson, Pontus
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Ekstedt, Mathias
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    Lagerström, Robert
    KTH, School of Electrical Engineering (EES), Network and Systems engineering.
    In-Depth Modeling of the UNIX Operating System for Architectural Cyber Security Analysis2017In: PROCEEDINGS OF THE 2017 IEEE 21ST INTERNATIONAL ENTERPRISE DISTRIBUTED OBJECT COMPUTING CONFERENCE WORKSHOPS AND DEMONSTRATIONS (EDOCW 2017) / [ed] Halle, S Dijkman, R Lapalme, J, Institute of Electrical and Electronics Engineers (IEEE), 2017, p. 127-136Conference paper (Refereed)
    Abstract [en]

    ICT systems have become an integral part of business and life. At the same time, these systems have become extremely complex. In such systems exist numerous vulnerabilities waiting to be exploited by potential threat actors. pwnPr3d is a novel modelling approach that performs automated architectural analysis with the objective of measuring the cyber security of the modeled architecture. Its integrated modelling language allows users to model software and hardware components with great level of details. To illustrate this capability, we present in this paper the metamodel of UNIX, operating systems being the core of every software and every IT system. After describing the main UNIX constituents and how they have been modelled, we illustrate how the modelled OS integrates within pwnPr3d's rationale by modelling the spreading of a self-replicating malware inspired by WannaCry.

1 - 5 of 5
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf