466 Hits in 6.6 sec

Breaking the Model: Finalisation and a Taxonomy of Security Attacks

John A. Clark, Susan Stepney, Howard Chivers
2005 Electronical Notes in Theoretical Computer Science  
We introduce a taxonomy of such unwanted finalisations, and give examples of attacks that exploit them.  ...  The finalisation step in refinement can be analysed to identify some of these channels, as unwanted finalisations that can break the assumptions of the formal model.  ...  Our taxonomy and many of the attacks outlined (for example, multiple systems) indicate that a useful criterion for formal analysis may be to model the system not as the user is expected to access it, but  ... 
doi:10.1016/j.entcs.2005.04.033 fatcat:k4gdirmajvdlnhc6vsktymanfe

A review of threat modelling approaches for APT-style attacks

Matt Tatam, Bharanidharan Shanmugam, Sami Azam, Krishnan Kannoorpatti
2021 Heliyon  
The focus of this study is to determine TM limitations, strengths, and any perceivable gaps.  ...  Threats are potential events, intentional or not, that compromise the confidentiality, integrity, and/or availability of information systems.  ...  The authors declare no conflict of interest. Additional information No additional information is available for this paper.  ... 
doi:10.1016/j.heliyon.2021.e05969 pmid:33506133 pmcid:PMC7814160 fatcat:zif6ebwcqrhr7pkudsq2ynqpgm

Modeling Bitcoin plus Ethereum as an Open System of Systems of Public Blockchains to Improve Their Resilience against Intentional Risk

Alberto Partida, Saki Gerassis, Regino Criado, Miguel Romance, Eduardo Giráldez, Javier Taboada
2022 Electronics  
In this article, we model the two most market-capitalised public, open and permissionless blockchain implementations, Bitcoin (BTC) and Ethereum (ETH), as a System of Systems (SoS) of public blockchains  ...  The goal of this paper is to formulate a SoS that transfers digital value and aspires to position itself as a distributed alternative to the fiat currency-based financial system.  ...  Acknowledgments: The authors would like to acknowledge Diego Andina. Head of Group for Automation in Signals and Communications. ETSIT. Universidad Politécnica de Madrid.  ... 
doi:10.3390/electronics11020241 fatcat:ocwo4mfyqrcnhixvkup7udnr2e

The Science for Profit Model—How and why corporations influence science and the use of science in policy and practice

Tess Legg, Jenny Hatchard, Anna B. Gilmore, Stanton A. Glantz
2021 PLoS ONE  
The model shows how these strategies work to maximise the volume, credibility, reach, and use of industry-favourable science, while minimising these same aspects of industry-unfavourable science.  ...  Through interpretive analysis we developed the Science for Profit Typology and Model.  ...  Acknowledgments Our appreciation to Lisa Bero, Alice Fabbri, Eric Crosbie, and Bryan Clift for the helpful conversations at various stages of the development of the typology, to Richard Box for design  ... 
doi:10.1371/journal.pone.0253272 pmid:34161371 pmcid:PMC8221522 fatcat:3yipnse5t5bjhkwtjoqvvwsiqi

A multi-level approach to understanding the impact of cyber crime on the financial sector

Monica Lagazio, Nazneen Sherif, Mike Cushman
2014 Computers & security  
This paper puts forward a multi-level model, based on system dynamics methodology, to understand the impact of cyber crime on the financial sector.  ...  Specifically, shifts in financial companies' strategic priorities, having the protection of customer trust and loyalty as a key objective, together with considerations related to market positioning vis-à-vis  ...  MODEL DEVELOPMENT: FINALISATION OF MODEL LOGICS So far, we have discussed some of the key relationships and logics that we have considered for the CLD model.  ... 
doi:10.1016/j.cose.2014.05.006 fatcat:vh2omuxumjdl3liix26cyjfxti

An RFID Attacker Behavior Taxonomy

Luke Mirowski, Jacqueline Hartnett, Raymond Williams
2009 IEEE pervasive computing  
The taxonomy modelled attacks in two system types: authorisation and monitoring.  ...  This section has used the reference model to organise some security solutions which could mitigate attacks in pharmaceutical supply chains, thereby, finalising a 'whole of system' approach to analysis  ...  Appendix A -RFID Simulator The GUI allows the user to undertake a number of modelling tasks: encoding a scenario, executing it, and visualising the effect in data or in animation.  ... 
doi:10.1109/mprv.2009.68 fatcat:zeqw77dwb5hw3k5chfgfu7xuju

Mechanisms of ensuring security in Keystone service

Ievgeniia Kuzminykh, Maryna Fliustikova
2019 Problemi telekomunìkacìj  
Section 5 provides a summary of the mechanisms for enhancing the security and identifies a number of additional security tools for OpenStack.  ...  Section 4 proposes a taxonomy of mechanisms for applying security in authentication, authorization management, personal data protection, privacy and confidentiality, as well as logging and auditing categories  ...  Global service provider Yahoo also had to admit a serious lack in the security system. In December 2016, it became known about the breaking of a billion accounts that took place in 2013.  ... 
doi:10.30837/pt.2019.2.06 fatcat:4kebipgsb5cbzncj5itgi4a6ym

Attacking and Protecting Network Printers and VoIP Phones alike [article]

Giampaolo Bella, Pietro Biondi, Stefano Bognanni
2022 arXiv   pre-print
In finding out that attacks of high impact, termed the Printjack and Phonejack families, could be mounted at least from insiders, the article also observes that secure configurations do not appear to be  ...  Users with the necessary skills may put existing security measures in place with printers, but would need novel measures, which the article prototypes, with phones in order for a pair of peers to call  ...  taxonomy for possible attack protection measures with respect to the stated threat model.  ... 
arXiv:2202.10832v1 fatcat:qw6r3jm3tbcqhmsi45eghj7siu

Social engineering attack examples, templates and scenarios

Francois Mouton, Louise Leenen, H.S. Venter
2016 Computers & security  
The field of information security is a fast-growing discipline.  ...  Even though the effectiveness of security measures to protect sensitive information is increasing, people remain susceptible to manipulation and thus the human element remains a weak link.  ...  The model is depicted in Figure 3 . This model makes use of a decision tree and breaks down the process into more manageable components to aid decision making.  ... 
doi:10.1016/j.cose.2016.03.004 fatcat:jx3nydwpefctnfmgzj6z23l5lm

Towards 6G-enabled Internet of Vehicles: Security and Privacy

D. P. Moya Osorio, I. Ahmad, J. D. Vega Sanchez, A. Gurtov, J. Scholliers, M. Kutila, P. Porambage
2022 IEEE Open Journal of the Communications Society  
will play on providing the expected level of security and privacy for the Internet of Vehicles.  ...  Particularly, 6G will be a prominent supporter for the evolution towards a truly Intelligent Transportation System and the realisation of the Smart City concept by fulfilling the limitations of 5G, once  ...  As a summary, we present the security threat taxonomy in Figure 5 .  ... 
doi:10.1109/ojcoms.2022.3143098 fatcat:vfuwuncr3vaotly7yw7yx25xyu

Good practice guide to setting inputs for operational risk models

P. O. J. Kelliher, M. Acharyya, A. Couper, K. Grant, E. Maguire, P. Nicholas, C. Smerald, D. Stevenson, J. Thirlwell, N. Cantle
2016 British Actuarial Journal  
It recommends a combination of historic loss data and scenario analysis for modelling of individual risks, setting out issues with these data, and outlining good practice for loss data collection and scenario  ...  It recommends the use of expert judgement for setting correlations, and addresses information requirements for risk mitigation allowances and capital allocation, before briefly covering Bayesian network  ...  liquid and transparent securities market A.4.  ... 
doi:10.1017/s1357321716000179 fatcat:vaqqeqw6gjhkpbjizpkcevshtu

Factors Affecting Reputational Damage to Organisations Due to Cyberattacks

Srinath Perera, Xiaohua Jin, Alana Maurushat, De-Graft Joe Opoku
2022 Informatics  
As a result of this, the cyber reputation of organisations has also received increased scrutiny and global attention.  ...  The study identified 42 potential factors, which were then classified using the STAR model. This model is an organisational design framework and was suitable due to its alignment with organisations.  ...  Conflicts of Interest: The authors declare no conflict of interest.  ... 
doi:10.3390/informatics9010028 fatcat:qw6yzk5nubdlnpmfdnu77pgxe4

A model based approach to system of systems risk management

Andrew Kinder, Michael Henshaw, Carys Siemieniuch
2015 2015 10th System of Systems Engineering Conference (SoSE)  
SoS Engineering (SoSE) is a sub-discipline of SE; Risk Management and Modelling and Simulation (M&S) are key areas within SoSE, both of which also lie within the traditional SE domain.  ...  The second theme discussed the application of M&S to SoS, providing an output, which supported the identification of appropriate techniques and concluding that, the inherent complexity of a SoS required  ...  Robert Garrett, Chief Engineer for Modelling and Simulation at the Missile Defence Agency, for his encouragement and invaluable input to this paper.  ... 
doi:10.1109/sysose.2015.7151940 dblp:conf/sysose/KinderHS15 fatcat:slnnxd3ez5ddffqwmjfzd7avya

Use Cases Definition and Pilot Overview Document v3

Marco Manso
2021 Zenodo  
Based on a compound framework of critical assets, threat taxonomy and actors, attack vectors and impact, this document updates the previous two volumes with six new use cases (use cases 22 to 27) that  ...  enrich the set of SPHINX use cases forming a basis for the three SPHINX pilots, while assisting with the consolidation of the SPHINX user requirements and technical specifications (WP2), with the development  ...  Threat Taxonomy A taxonomy is defined as a classification of terms that facilitates the understanding of a given reality.  ... 
doi:10.5281/zenodo.5052727 fatcat:5ikl6umlafftroplmkbspcbmse

Architectural Tactics for Big Data Cybersecurity Analytic Systems: A Review [article]

Faheem Ullah, M. Ali Babar
2018 arXiv   pre-print
Whilst a plethora of Big Data Cybersecurity Analytic Systems have been reported in the literature, there is a lack of a systematic and comprehensive review of the literature from an architectural perspective  ...  to explore the trade-offs and dependencies among the identified tactics and (d) there is a general lack of effective collaboration between academia and industry for supporting the field of Big Data Cybersecurity  ...  Another important factor that needs to be taken care of is the breaking of a logical record across two blocks during the partitioning of data into blocks.  ... 
arXiv:1802.03178v1 fatcat:m6yigyrqrvcpdhg7qxncdh3lsi
« Previous Showing results 1 — 15 out of 466 results