Filters








17,190 Hits in 6.3 sec

A Formal Approach to Identifying Security Vulnerabilities in Telecommunication Networks [chapter]

Linas Laibinis, Elena Troubitsyna, Inna Pereverzeva, Ian Oliver, Silke Holtmanns
2016 Lecture Notes in Computer Science  
The number of security attacks on the telecommunication networks is constantly increasing.  ...  To prevent them, the telecom sector is looking for new automated techniques facilitating a discovery of potential network vulnerabilities and rectification of them.  ...  In this paper, we have proposed a formal approach to identifying security vulnerabilities in the telecommunication protocols and defining the recommendations for rectifying them.  ... 
doi:10.1007/978-3-319-47846-3_10 fatcat:72tbbg6da5dltjfp6obxf637s4

Sector-Based Improvement of the Information Security Risk Management Process in the Context of Telecommunications Regulation [chapter]

Nicolas Mayer, Jocelyn Aubert, Hervé Cholez, Eric Grandry
2013 Communications in Computer and Information Science  
posed to security of networks and services.  ...  The research question discussed in this paper is: how to adapt generic Information Security Risk Management (ISRM) process and practices to the telecommunications sector?  ...  Thanks to ILR, the NRA of Luxembourg.  ... 
doi:10.1007/978-3-642-39179-8_2 fatcat:ns6tmmynbbchfhkiwdmdhsnvoe

Telecommunications Networks Risk Assessment with Bayesian Networks [chapter]

Marcin Szpyrka, Bartosz Jasiul, Konrad Wrona, Filip Dziedzic
2013 Lecture Notes in Computer Science  
Each network component and path can be potentially used to compromise information, since an adversary is able to utilise various vulnerabilities of network elements in order to perform an attack.  ...  This risk signature of the system enables the operator to make an informed decision about which network elements shall be used in order to provide a service requested by the user while minimising security  ...  Related Work The presented approach is in accord with recent research in the network security area, where a number of approaches (including formal ones) to the analysis and design of security systems has  ... 
doi:10.1007/978-3-642-40925-7_26 fatcat:5uxswgogvzg7pnspbffvesd5dy

Assessing the Internet of Things Security Risks

Wissam Abbass, National Institute of Posts and Telecommunication INPT, Madinat Al Irfane, Rabat, Morocco, Zineb Bakraouy, Amine Baina, Mostafa Bella
2019 Journal of Communications  
However, it has introduced uncertainty which led to the emergence of a myriad of security risks.  ...  Abstract-The Internet of Things (IoT) has extensively altered the IT landscape, allowing thus no human requirements in order to fluently communicate.  ...  El Jadida in Telecommunications and Networks Engineering.  ... 
doi:10.12720/jcm.14.10.958-964 fatcat:uvsa25mqpfa4xh67zv7fxh4zba

A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Seyit Ahmet Camtepe, Karsten Bsufka, Leonhard Hennig, Cihan Simsek, Sahin Albayrak
2012 PIK - Praxis der Informationsverarbeitung und Kommunikation  
Namely, we define an extensible framework which uses public vulnerability databases to identify probable multi-step attacks in an IT infrastructure, and provide recommendations in the form of patching  ...  Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered.  ...  The attack tree is a formal concept introduced in [11] to model the threats to a system in a structured tree representation given with an attacker's goal.  ... 
doi:10.1515/pik-2012-0005piko.2012.35.1.25 fatcat:rpvuepgxavcfxii3ykw4jtiwna

A Framework for Automated Identification of Attack Scenarios on IT Infrastructures

Seyit Ahmet Camtepe, Karsten Bsufka, Leonhard Hennig, Cihan Simsek, Sahin Albayrak
2012 PIK - Praxis der Informationsverarbeitung und Kommunikation  
Namely, we define an extensible framework which uses public vulnerability databases to identify probable multi-step attacks in an IT infrastructure, and provide recommendations in the form of patching  ...  Due to increased complexity, scale, and functionality of information and telecommunication (IT) infrastructures, every day new exploits and vulnerabilities are discovered.  ...  The attack tree is a formal concept introduced in [11] to model the threats to a system in a structured tree representation given with an attacker's goal.  ... 
doi:10.1515/pik-2012-0005 fatcat:xnet5mcw4bdrlpifpnp7p7lyai

Editorial

Luis Orozco Barbosa, Ali Miri
2008 Telecommunications Systems  
As a result of this analysis, the authors have been able to identified two security flaws that may compromise the confidentiality and integrity of the information handled by the networks making use of  ...  The first paper by Tobarra et al. undertakes a formal analysis of security protocols. Three protocols, TinySEc, LEAP and TinyPK are modelled and formally evaluated.  ... 
doi:10.1007/s11235-008-9130-0 fatcat:5mdyoo5ekzfcbjkglala25sthq

A Holistic Approach to Open-Source VoIP Security: Preliminary Results from the EUX2010sec Project

Lothar Fritsch, Arne-Kristian Groven, Lars Strand
2009 2009 Eighth International Conference on Networks  
The project's special focus is on producing results relevant to the practitioners in the project, aiming at the stimulation of innovation and the provision of highest quality in open source based VoIP  ...  The expected outcomes of the project are a solid scientific and practical understanding of the security options for setting up VoIP infrastructures, particular guidance on secure, typical setups of such  ...  The authors would like to thank the anonymous reviewers for comments on earlier drafts of this paper.  ... 
doi:10.1109/icn.2009.57 dblp:conf/icn/FritschGS09 fatcat:synodc7gezcs5nf4xlji2c3epm

Multigraph Critical Infrastructure Model [chapter]

Bernhard Schneidhofer, Stephen Wolthusen
2016 IFIP Advances in Information and Communication Technology  
Targeting a Wind Turbine System The standard security approach in modern industrial networks is physical separation (i.e., air gap security), which is not a viable concept in this scenario.  ...  The approach provides a lower bound on an adversary's ability to identify vulnerable structures and dependencies.  ... 
doi:10.1007/978-3-319-48737-3_9 fatcat:aa25slbpsjgs7nsjgsqyusnnaa

Assessing Dependability and Resilience in Critical Infrastructures: Challenges and Opportunities [chapter]

Alberto Avritzer, Felicita Di Giandomenico, Anne Remke, Martin Riedl
2012 Resilience Assessment and Evaluation of Computing Systems  
To exemplify the diversity of this A. Avritzer (B)  ...  During the last decade both academia and industry developed an increased interest in this research area and a variety of projects with different focus started to emerge.  ...  The simulation experiments show that a failure in the gas distribution network leads to a total failure in the telecommunication network and to reduced functionality of the power distribution network.  ... 
doi:10.1007/978-3-642-29032-9_3 fatcat:3e64y6jfgre4xpqqj75sspaybq

A Scalable, Vulnerability Modeling and Correlating Method for Network Security [chapter]

Xuejiao Liu, Debao Xiao, Nian Ma, Jie Yu
2009 Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering  
Recent works in network security have demostrated the fact that combinations of vulnerability exploits are the typical means by which an attacker can break into a network.  ...  Scanning is served as a significant issue for identifying vulnerabilities.  ...  There are quite a few vulnerability scanners that are quite effective at what they do -namely identifying vulnerabilities in specific hosts of a target network.  ... 
doi:10.1007/978-3-642-10485-5_16 fatcat:pg4vo5xcr5dlze3ros7knek2qq

Vulnerabilities And Mitigation In Communication System For Grid Integration Of Wind Energy

ANAGHA. A. BOKARE
2017 Zenodo  
in drastic environment but the problems to faced such as security ,policy, system network problems are in online internet facility.  ...  We discuss all the SCADA vulnerabilities in this paper they are attributable to the lack of a well-developed and meticulously practiced security policy also we provide some mitigation of SCADA system which  ...  There is no formal configuration management and no official document procedures. Hence, there are neither formal requirements, nor a consistent approach of configuration management.  ... 
doi:10.5281/zenodo.1463718 fatcat:asqxsusi3jeoxnwmh2tselrgui

Towards Security Analyses of an Identity Federation Protocol for Web Services in Convergent Networks

Maurice ter Beek, Corrado Moiso, Marinella Petrocchi
2007 The Third Advanced International Conference on Telecommunications (AICT'07)  
We describe a formal approach to the analysis of security aspects of an identity federation protocol for web services in convergent networks.  ...  As a first step towards a fullblown formal security analysis of the protocol, we specify three user scenarios in the process algebra Crypto-CCS and verify the vulnerability of one of these specifications  ...  PROTOCOL FORMALIZATION In this section we formalize the protocol described in Section II in the approach lined out in the previous section. A.  ... 
doi:10.1109/aict.2007.46 dblp:conf/aict/BeekMP07 fatcat:lsqoxjl3dfbcbebnmil6hztbae

Model-based security analysis for mobile communications

Jan Jürjens, Joerg Schreck, Peter Bartmann
2008 Proceedings of the 13th international conference on Software engineering - ICSE '08  
This work presents the experiences and results from the security analysis of a mobile system architecture at a large German telecommunications company, by making use of an approach to Model-based Security  ...  In order to make these applications secure, the security analysis has to be an integral part of the system design and IT management process for such mobile communication systems.  ...  A case-study on using model-based approach to secure software engineering and management in telecommunication systems (and in particular mobile communication systems) has to the extent of our knowledge  ... 
doi:10.1145/1368088.1368186 dblp:conf/icse/JurjensSB08 fatcat:yoqqj6zxofguxkyikneg7w6ide

Competency Pool and the competency model for cyber and information security professionals

Daniel Bendler
2021 Zenodo  
The extracted competencies of the competency model analysis and the competency model for cyber and information security professionals are presented.  ...  Uses a group approach to identify problems and develops solutions based on group consensus. Accepts membership in the team and commits to the goals of the team.  ...  Compares active and passive approaches to network forensics. Employs surveillance mechanisms to discover network intrusion. Performs a network inventory.  ... 
doi:10.5281/zenodo.4765646 fatcat:ok3zjkw2ive2tlrpl3btxqr6l4
« Previous Showing results 1 — 15 out of 17,190 results