Visible to the public Biblio

Filters: First Letter Of Title is Q  [Clear All Filters]
A B C D E F G H I J K L M N O P [Q] R S T U V W X Y Z   [Show ALL]
Q
Jurado, Mireya, Smith, Geoffrey.  2019.  Quantifying Information Leakage of Deterministic Encryption. Proceedings of the 2019 ACM SIGSAC Conference on Cloud Computing Security Workshop. :129–139.
In order to protect user data while maintaining application functionality, encrypted databases can use specialized cryptography such as property-revealing encryption, which allows a property of the underlying plaintext values to be computed from the ciphertext. One example is deterministic encryption which ensures that the same plaintext encrypted under the same key will produce the same ciphertext. This technology enables clients to make queries on sensitive data hosted in a cloud server and has considerable potential to protect data. However, the security implications of deterministic encryption are not well understood. We provide a leakage analysis of deterministic encryption through the application of the framework of quantitative information flow. A key insight from this framework is that there is no single "right'' measure by which leakage can be quantified: information flow depends on the operational scenario and different operational scenarios require different leakage measures. We evaluate leakage under three operational scenarios, modeled using three different gain functions, under a variety of prior distributions in order to bring clarity to this problem.
Zerrouki, F., Ouchani, S., Bouarfa, H..  2020.  Quantifying Security and Performance of Physical Unclonable Functions. 2020 7th International Conference on Internet of Things: Systems, Management and Security (IOTSMS). :1—4.

Physical Unclonable Function is an innovative hardware security primitives that exploit the physical characteristics of a physical object to generate a unique identifier, which play the role of the object's fingerprint. Silicon PUF, a popular type of PUFs, exploits the variation in the manufacturing process of integrated circuits (ICs). It needs an input called challenge to generate the response as an output. In addition, of classical attacks, PUFs are vulnerable to physical and modeling attacks. The performance of the PUFs is measured by several metrics like reliability, uniqueness and uniformity. So as an evidence, the main goal is to provide a complete tool that checks the strength and quantifies the performance of a given physical unconscionable function. This paper provides a tool and develops a set of metrics that can achieve safely the proposed goal.

Zhang, Y., Groves, T., Cook, B., Wright, N. J., Coskun, A. K..  2020.  Quantifying the impact of network congestion on application performance and network metrics. 2020 IEEE International Conference on Cluster Computing (CLUSTER). :162–168.
In modern high-performance computing (HPC) systems, network congestion is an important factor that contributes to performance degradation. However, how network congestion impacts application performance is not fully understood. As Aries network, a recent HPC network architecture featuring a dragonfly topology, is equipped with network counters measuring packet transmission statistics on each router, these network metrics can potentially be utilized to understand network performance. In this work, by experiments on a large HPC system, we quantify the impact of network congestion on various applications' performance in terms of execution time, and we correlate application performance with network metrics. Our results demonstrate diverse impacts of network congestion: while applications with intensive MPI operations (such as HACC and MILC) suffer from more than 40% extension in their execution times under network congestion, applications with less intensive MPI operations (such as Graph500 and HPCG) are mostly not affected. We also demonstrate that a stall-to-flit ratio metric derived from Aries network counters is positively correlated with performance degradation and, thus, this metric can serve as an indicator of network congestion in HPC systems.
Lyu, Minzhao, Sherratt, Dainel, Sivanathan, Arunan, Gharakheili, Hassan Habibi, Radford, Adam, Sivaraman, Vijay.  2017.  Quantifying the Reflective DDoS Attack Capability of Household IoT Devices. Proceedings of the 10th ACM Conference on Security and Privacy in Wireless and Mobile Networks. :46–51.

Distributed Denial-of-Service (DDoS) attacks are increasing in frequency and volume on the Internet, and there is evidence that cyber-criminals are turning to Internet-of-Things (IoT) devices such as cameras and vending machines as easy launchpads for large-scale attacks. This paper quantifies the capability of consumer IoT devices to participate in reflective DDoS attacks. We first show that household devices can be exposed to Internet reflection even if they are secured behind home gateways. We then evaluate eight household devices available on the market today, including lightbulbs, webcams, and printers, and experimentally profile their reflective capability, amplification factor, duration, and intensity rate for TCP, SNMP, and SSDP based attacks. Lastly, we demonstrate reflection attacks in a real-world setting involving three IoT-equipped smart-homes, emphasising the imminent need to address this problem before it becomes widespread.

Chen, Huashan, Cho, Jin-Hee, Xu, Shouhuai.  2018.  Quantifying the Security Effectiveness of Firewalls and DMZs. Proceedings of the 5th Annual Symposium and Bootcamp on Hot Topics in the Science of Security. :9:1–9:11.

Firewalls and Demilitarized Zones (DMZs) are two mechanisms that have been widely employed to secure enterprise networks. Despite this, their security effectiveness has not been systematically quantified. In this paper, we make a first step towards filling this void by presenting a representational framework for investigating their security effectiveness in protecting enterprise networks. Through simulation experiments, we draw useful insights into the security effectiveness of firewalls and DMZs. To the best of our knowledge, these insights were not reported in the literature until now.

Blenn, Norbert, Ghiëtte, Vincent, Doerr, Christian.  2017.  Quantifying the Spectrum of Denial-of-Service Attacks Through Internet Backscatter. Proceedings of the 12th International Conference on Availability, Reliability and Security. :21:1–21:10.
Denial of Service (DoS) attacks are a major threat currently observable in computer networks and especially the Internet. In such an attack a malicious party tries to either break a service, running on a server, or exhaust the capacity or bandwidth of the victim to hinder customers to effectively use the service. Recent reports show that the total number of Distributed Denial of Service (DDoS) attacks is steadily growing with "mega-attacks" peaking at hundreds of gigabit/s (Gbps). In this paper, we will provide a quantification of DDoS attacks in size and duration beyond these outliers reported in the media. We find that these mega attacks do exist, but the bulk of attacks is in practice only a fraction of these frequently reported values. We further show that it is feasible to collect meaningful backscatter traces using surprisingly small telescopes, thereby enabling a broader audience to perform attack intelligence research.
Francesca Carfora, Maria, Orlando, Albina.  2019.  Quantile based risk measures in cyber security. 2019 International Conference on Cyber Situational Awareness, Data Analytics And Assessment (Cyber SA). :1–4.
Measures and methods used in financial sector to quantify risk, have been recently applied to cyber world. The aim is to help organizations to improve risk management strategies and to wisely plan investments in cyber security. On the other hand, they are useful instruments for insurance companies in pricing cyber insurance contracts and setting the minimum capital requirements defined by the regulators. In this paper we propose an estimation of Value at Risk (VaR), referred to as Cyber Value at Risk in cyber security domain, and Tail Value at risk (TVaR). The data breach information we use is obtained from the “Chronology of data breaches” compiled by the Privacy Rights Clearinghouse.
Diovu, R. C., Agee, J. T..  2017.  Quantitative analysis of firewall security under DDoS attacks in smart grid AMI networks. 2017 IEEE 3rd International Conference on Electro-Technology for National Development (NIGERCON). :696–701.

One of the key objectives of distributed denial of service (DDoS) attack on the smart grid advanced metering infrastructure is to threaten the availability of end user's metering data. This will surely disrupt the smooth operations of the grid and third party operators who need this data for billing and other grid control purposes. In previous work, we proposed a cloud-based Openflow firewall for mitigation against DDoS attack in a smart grid AMI. In this paper, PRISM model checker is used to perform a probabilistic best-and worst-case analysis of the firewall with regard to DDoS attack success under different firewall detection probabilities ranging from zero to 1. The results from this quantitative analysis can be useful in determining the extent the DDoS attack can undermine the correctness and performance of the firewall. In addition, the study can also be helpful in knowing the extent the firewall can be improved by applying the knowledge derived from the worst-case performance of the firewall.

Son, Juhyung, Koo, Sungmin, Choi, Jongmoo, Choi, Seong-je, Baek, Seungjae, Jeon, Gwangil, Park, Jun-Hyeok, Kim, Hyoungchun.  2017.  Quantitative Analysis of Measurement Overhead for Integrity Verification. Proceedings of the Symposium on Applied Computing. :1528–1533.

As the use of cloud computing and autonomous computing increases, integrity verification of the software stack used in a system becomes a critical issue. In this paper, we analyze the internal behavior of IMA (Integrity Measurement Architecture), one of the most well-known integrity verification frameworks employed in the Linux kernel. For integrity verification, IMA measures all executables and their configuration files in a trusty manner using TPM (Trust Platform Module). Our analysis reveals that there are two obstacles in IMA, measurement overhead and nondeterminism. To address these problems, we propose two novel techniques, called batch extend and core measurement. The former is a technique that accumulates the measured values of executables/files and extends them into TPM in a batch fashion. The second technique measures some specified executables/files only so that it verifies the core integrity of a system in which a user or a remote party is interested. Real implementation based evaluation shows that our proposal can reduce the booting time from 122 to 23 seconds, while supporting the same integrity verification capability of the default IMA policy.

Wang, Shaolei, Zhou, Ying, Li, Yaowei, Guo, Ronghua, Du, Jiawei.  2018.  Quantitative Analysis of Network Address Randomization's Security Effectiveness. 2018 IEEE 18th International Conference on Communication Technology (ICCT). :906—910.

The quantitative security effectiveness analysis is a difficult problem for the research of network address randomization techniques. In this paper, a system model and an attack model are proposed based on general attacks' attack processes and network address randomization's technical principle. Based on the models, the network address randomization's security effectiveness is quantitatively analyzed from the perspective of the attacker's attack time and attack cost in both static network address and network address randomization cases. The results of the analysis show that the security effectiveness of network address randomization is determined by the randomization frequency, the randomization space, the states of hosts in the target network, and the capabilities of the attacker.

Tikhomirov, S., Moreno-Sanchez, P., Maffei, M..  2020.  A Quantitative Analysis of Security, Anonymity and Scalability for the Lightning Network. 2020 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :387—396.

Payment channel networks have been introduced to mitigate the scalability issues inherent to permissionless decentralized cryptocurrencies such as Bitcoin. Launched in 2018, the Lightning Network (LN) has been gaining popularity and consists today of more than 5000 nodes and 35000 payment channels that jointly hold 965 bitcoins (9.2M USD as of June 2020). This adoption has motivated research from both academia and industryPayment channels suffer from security vulnerabilities, such as the wormhole attack [39], anonymity issues [38], and scalability limitations related to the upper bound on the number of concurrent payments per channel [28], which have been pointed out by the scientific community but never quantitatively analyzedIn this work, we first analyze the proneness of the LN to the wormhole attack and attacks against anonymity. We observe that an adversary needs to control only 2% of nodes to learn sensitive payment information (e.g., sender, receiver, and amount) or to carry out the wormhole attack. Second, we study the management of concurrent payments in the LN and quantify its negative effect on scalability. We observe that for micropayments, the forwarding capability of up to 50% of channels is restricted to a value smaller than the channel capacity. This phenomenon hinders scalability and opens the door for denial-of-service attacks: we estimate that a network-wide DoS attack costs within 1.6M USD, while isolating the biggest community costs only 238k USDOur findings should prompt the LN community to consider the issues studied in this work when educating users about path selection algorithms, as well as to adopt multi-hop payment protocols that provide stronger security, privacy and scalability guarantees.

Henretty, T., Baskaran, M., Ezick, J., Bruns-Smith, D., Simon, T. A..  2017.  A quantitative and qualitative analysis of tensor decompositions on spatiotemporal data. 2017 IEEE High Performance Extreme Computing Conference (HPEC). :1–7.

Summary form only given. Strong light-matter coupling has been recently successfully explored in the GHz and THz [1] range with on-chip platforms. New and intriguing quantum optical phenomena have been predicted in the ultrastrong coupling regime [2], when the coupling strength Ω becomes comparable to the unperturbed frequency of the system ω. We recently proposed a new experimental platform where we couple the inter-Landau level transition of an high-mobility 2DEG to the highly subwavelength photonic mode of an LC meta-atom [3] showing very large Ω/ωc = 0.87. Our system benefits from the collective enhancement of the light-matter coupling which comes from the scaling of the coupling Ω ∝ √n, were n is the number of optically active electrons. In our previous experiments [3] and in literature [4] this number varies from 104-103 electrons per meta-atom. We now engineer a new cavity, resonant at 290 GHz, with an extremely reduced effective mode surface Seff = 4 × 10-14 m2 (FE simulations, CST), yielding large field enhancements above 1500 and allowing to enter the few (\textbackslashtextless;100) electron regime. It consist of a complementary metasurface with two very sharp metallic tips separated by a 60 nm gap (Fig.1(a, b)) on top of a single triangular quantum well. THz-TDS transmission experiments as a function of the applied magnetic field reveal strong anticrossing of the cavity mode with linear cyclotron dispersion. Measurements for arrays of only 12 cavities are reported in Fig.1(c). On the top horizontal axis we report the number of electrons occupying the topmost Landau level as a function of the magnetic field. At the anticrossing field of B=0.73 T we measure approximately 60 electrons ultra strongly coupled (Ω/ω- \textbackslashtextbar\textbackslashtextbar

Wang, P., Zhang, J., Wang, S., Wu, D..  2020.  Quantitative Assessment on the Limitations of Code Randomization for Legacy Binaries. 2020 IEEE European Symposium on Security and Privacy (EuroS P). :1–16.
Software development and deployment are generally fast-pacing practices, yet to date there is still a significant amount of legacy software running in various critical industries with years or even decades of lifespans. As the source code of some legacy software became unavailable, it is difficult for maintainers to actively patch the vulnerabilities, leaving the outdated binaries appealing targets of advanced security attacks. One of the most powerful attacks today is code reuse, a technique that can circumvent most existing system-level security facilities. While there have been various countermeasures against code reuse, applying them to sourceless software appears to be exceptionally challenging. Fine-grained code randomization is considered to be an effective strategy to impede modern code-reuse attacks. To apply it to legacy software, a technique called binary rewriting is employed to directly reconstruct binaries without symbol or relocation information. However, we found that current rewriting-based randomization techniques, regardless of their designs and implementations, share a common security defect such that the randomized binaries may remain vulnerable in certain cases. Indeed, our finding does not invalidate fine-grained code randomization as a meaningful defense against code reuse attacks, for it significantly raises the bar for exploits to be successful. Nevertheless, it is critical for the maintainers of legacy software systems to be aware of this problem and obtain a quantitative assessment of the risks in adopting a potentially incomprehensive defense. In this paper, we conducted a systematic investigation into the effectiveness of randomization techniques designed for hardening outdated binaries. We studied various state-of-the-art, fine-grained randomization tools, confirming that all of them can leave a certain part of the retrofitted binary code still reusable. To quantify the risks, we proposed a set of concrete criteria to classify gadgets immune to rewriting-based randomization and investigated their availability and capability.
Aksu, M. U., Dilek, M. H., Tatlı, E. İ, Bicakci, K., Dirik, H. İ, Demirezen, M. U., Aykır, T..  2017.  A Quantitative CVSS-Based Cyber Security Risk Assessment Methodology for IT Systems. 2017 International Carnahan Conference on Security Technology (ICCST). :1–8.

IT system risk assessments are indispensable due to increasing cyber threats within our ever-growing IT systems. Moreover, laws and regulations urge organizations to conduct risk assessments regularly. Even though there exist several risk management frameworks and methodologies, they are in general high level, not defining the risk metrics, risk metrics values and the detailed risk assessment formulas for different risk views. To address this need, we define a novel risk assessment methodology specific to IT systems. Our model is quantitative, both asset and vulnerability centric and defines low and high level risk metrics. High level risk metrics are defined in two general categories; base and attack graph-based. In our paper, we provide a detailed explanation of formulations in each category and make our implemented software publicly available for those who are interested in applying the proposed methodology to their IT systems.

Pham, L. H., Albanese, M., Chadha, R., Chiang, C.-Y. J., Venkatesan, S., Kamhoua, C., Leslie, N..  2020.  A Quantitative Framework to Model Reconnaissance by Stealthy Attackers and Support Deception-Based Defenses. :1—9.

In recent years, persistent cyber adversaries have developed increasingly sophisticated techniques to evade detection. Once adversaries have established a foothold within the target network, using seemingly-limited passive reconnaissance techniques, they can develop significant network reconnaissance capabilities. Cyber deception has been recognized as a critical capability to defend against such adversaries, but, without an accurate model of the adversary's reconnaissance behavior, current approaches are ineffective against advanced adversaries. To address this gap, we propose a novel model to capture how advanced, stealthy adversaries acquire knowledge about the target network and establish and expand their foothold within the system. This model quantifies the cost and reward, from the adversary's perspective, of compromising and maintaining control over target nodes. We evaluate our model through simulations in the CyberVAN testbed, and indicate how it can guide the development and deployment of future defensive capabilities, including high-interaction honeypots, so as to influence the behavior of adversaries and steer them away from critical resources.

Katt, Basel, Prasher, Nishu.  2018.  Quantitative Security Assurance Metrics: REST API Case Studies. Proceedings of the 12th European Conference on Software Architecture: Companion Proceedings. :59:1-59:7.

Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one aspect of assurance, like security requirements fulfillment, or threat/vulnerability existence, or (2) do not consider the relevance of the different security requirements to the evaluated application context. Furthermore, they are mostly qualitative in nature and are heavily based on manual processing, which make them costly and time consuming. Therefore, they are not widely used and applied, especially by small and medium-sized enterprises (SME), which constitute the backbone of the Norwegian economy. In this paper, we propose a quantification method that aims at evaluating security assurance of systems by measuring (1) the level of confidence that the mechanisms fulfilling security requirements are present and (2) the vulnerabilities associated with possible security threats are absent. Additionally, an assurance evaluation process is proposed. Two case studies applying our method are presented. The case studies use our assurance method to evaluate the security level of two REST APIs developed by Statistics Norway, where one of the authors is employed. Analysis shows that the API with the most security mechanisms implemented got a slightly higher security assurance score. Security requirement relevance and vulnerability impact played a role in the overall scores.

Youssef, Ayman, Shosha, Ahmed F..  2017.  Quantitave Dynamic Taint Analysis of Privacy Leakage in Android Arabic Apps. Proceedings of the 12th International Conference on Availability, Reliability and Security. :58:1–58:9.
Android smartphones are ubiquitous all over the world, and organizations that turn profits out of data mining user personal information are on the rise. Many users are not aware of the risks of accepting permissions from Android apps, and the continued state of insecurity, manifested in increased level of breaches across all large organizations means that personal information is falling in the hands of malicious actors. This paper aims at shedding the light on privacy leakage in apps that target a specific demography, Arabs. The research takes into consideration apps that cater to specific cultural aspects of this region and identify how they could be abusing the trust given to them by unsuspecting users. Dynamic taint analysis is used in a virtualized environment to analyze top free apps based on popularity in Google Play store. Information presented highlights how different categories of apps leak different categories of private information.
Li, X..  2015.  A Quantity-Flexibility Contract in Two-Stage Decision with Supply Chain Coordination. 2015 11th International Conference on Computational Intelligence and Security (CIS). :109–112.

We study a quantity-flexibility supply contract between a manufacturer and a retailer in two periods. The retailer can get a low wholesale price within a fixed quantity and adjust the quantity at the end of the first period. The retailer can adjust the order quantities after the first period based on updated inventory status by paying a higher per-unit price for the incremental units or obtaining a buyback price per-unit for the returning units. By developing a two-period dynamic programming model in this paper, we first obtain an optimal replenishment strategy for the retailer when the manufacturer's price scheme is known. Then we derive an proper pricing scheme for the manufacturer by assuming that the supply chain is coordinated. The numerical results show some managerial insights by comparing this coordination scheme with Stackelberg game.

Stanković, I., Brajović, M., Daković, M., Stanković, L., Ioana, C..  2020.  Quantization Effect in Nonuniform Nonsparse Signal Reconstruction. 2020 9th Mediterranean Conference on Embedded Computing (MECO). :1–4.
This paper examines the influence of quantization on the compressive sensing theory applied to the nonuniformly sampled nonsparse signals with reduced set of randomly positioned measurements. The error of the reconstruction will be generalized to exact expected squared error expression. The aim is to connect the generalized random sampling strategy with the quantization effect, finding the resulting error of the reconstruction. Small sampling deviations correspond to the imprecisions of the sampling strategy, while completely random sampling schemes causes large sampling deviations. Numerical examples provide an agreement between the statistical results and theoretical values.
Graur, O., Islam, N., Henkel, W..  2016.  Quantization for Physical Layer Security. 2016 IEEE Globecom Workshops (GC Wkshps). :1–7.

We propose a multi-level CSI quantization and key reconciliation scheme for physical layer security. The noisy wireless channel estimates obtained by the users first run through a transformation, prior to the quantization step. This enables the definition of guard bands around the quantization boundaries, tailored for a specific efficiency and not compromising the uniformity required at the output of the quantizer. Our construction results in an better key disagreement and initial key generation rate trade-off when compared to other level-crossing quantization methods.

Sharifzadeh, Mehdi, Aloraini, Mohammed, Schonfeld, Dan.  2019.  Quantized Gaussian Embedding Steganography. ICASSP 2019 - 2019 IEEE International Conference on Acoustics, Speech and Signal Processing (ICASSP). :2637–2641.

In this paper, we develop a statistical framework for image steganography in which the cover and stego messages are modeled as multivariate Gaussian random variables. By minimizing the detection error of an optimal detector within the generalized adopted statistical model, we propose a novel Gaussian embedding method. Furthermore, we extend the formulation to cost-based steganography, resulting in a universal embedding scheme that works with embedding costs as well as variance estimators. Experimental results show that the proposed approach avoids embedding in smooth regions and significantly improves the security of the state-of-the-art methods, such as HILL, MiPOD, and S-UNIWARD.

Bebrov, G., Dimova, R., Pencheva, E..  2017.  Quantum approach to the information privacy in Smart Grid. 2017 International Conference on Optimization of Electrical and Electronic Equipment (OPTIM) 2017 Intl Aegean Conference on Electrical Machines and Power Electronics (ACEMP). :971–976.

Protection of information achieves keeping confidentiality, integrity, and availability of the data. These features are essential for the proper operation of modern industrial technologies, like Smart Grid. The complex grid system integrates many electronic devices that provide an efficient way of exploiting the power systems but cause many problems due to their vulnerabilities to attacks. The aim of the work is to propose a solution to the privacy problem in Smart Grid communication network between the customers and Control center. It consists in using the relatively new cryptographic task - quantum key distribution (QKD). The solution is based on choosing an appropriate quantum key distribution method out of all the conventional ones by performing an assessment in terms of several parameters. The parameters are: key rate, operating distances, resources, and trustworthiness of the devices involved. Accordingly, we discuss an answer to the privacy problem of the SG network with regard to both security and resource economy.

Li, L., Abd-El-Atty, B., El-Latif, A. A. A., Ghoneim, A..  2017.  Quantum color image encryption based on multiple discrete chaotic systems. 2017 Federated Conference on Computer Science and Information Systems (FedCSIS). :555–559.

In this paper, a novel quantum encryption algorithm for color image is proposed based on multiple discrete chaotic systems. The proposed quantum image encryption algorithm utilize the quantum controlled-NOT image generated by chaotic logistic map, asymmetric tent map and logistic Chebyshev map to control the XOR operation in the encryption process. Experiment results and analysis show that the proposed algorithm has high efficiency and security against differential and statistical attacks.

Wang, H., Yao, G., Wang, B..  2020.  A Quantum Concurrent Signature Scheme Based on the Quantum Finite Automata Signature Scheme. 2020 IEEE 14th International Conference on Anti-counterfeiting, Security, and Identification (ASID). :125–129.
When using digital signatures, we need to deal with the problem of fairness of information exchange. To solve this problem, Chen, etc. introduced a new conception which is named concurrent signatures in Eurocrypt'04. Using concurrent signatures scheme, two entities in the scheme can generate two ambiguous signatures until one of the entities releases additional information which is called keystone. After the keystone is released, the two ambiguous signatures will be bound to their real signers at the same time. In order to provide a method to solve the fairness problem of quantum digital signatures, we propose a new quantum concurrent signature scheme. The scheme we proposed does not use a trusted third party in a quantum computing environment, and has such advantages as no need to conduct complex quantum operations and easy to implement by a quantum circuit. Quantum concurrent signature improves the theory of quantum cryptography, and it also provides broad prospects for the specific applications of quantum cryptography.
Medury, Aditya Sankar, Kansal, Harshit.  2019.  Quantum Confinement Effects and Electrostatics of Planar Nano-Scale Symmetric Double-Gate SOI MOSFETs. 2019 IEEE International Conference on Electron Devices and Solid-State Circuits (EDSSC). :1-3.

The effects of quantum confinement on the charge distribution in planar Double-Gate (DG) SOI (Siliconon-Insulator) MOSFETs were examined, for sub-10 nm SOI film thicknesses (tsi $łeq$ 10 nm), by modeling the potential experienced by the charge carriers as that of an an-harmonic oscillator potential, consistent with the inherent structural symmetry of nanoscale symmetric DGSOI MOSFETs. By solving the 1-D Poisson's equation using this potential, the results obtained were validated through comparisons with TCAD simulations. The present model satisfactorily predicted the electron density and channel charge density for a wide range of SOI channel thicknesses and gate voltages.