Visible to the public Biblio

Found 11634 results

A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 
Bost, Raphael.  2016.  ∑O\$\textbackslashphi\$Oς: Forward Secure Searchable Encryption. Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security. :1143–1154.

Searchable Symmetric Encryption aims at making possible searching over an encrypted database stored on an untrusted server while keeping privacy of both the queries and the data, by allowing some small controlled leakage to the server. Recent work shows that dynamic schemes – in which the data is efficiently updatable – leaking some information on updated keywords are subject to devastating adaptative attacks breaking the privacy of the queries. The only way to thwart this attack is to design forward private schemes whose update procedure does not leak if a newly inserted element matches previous search queries. This work proposes Sophos as a forward private SSE scheme with performance similar to existing less secure schemes, and that is conceptually simpler (and also more efficient) than previous forward private constructions. In particular, it only relies on trapdoor permutations and does not use an ORAM-like construction. We also explain why Sophos is an optimal point of the security/performance tradeoff for SSE. Finally, an implementation and evaluation results demonstrate its practical efficiency.

Schrenk, B., Pacher, C..  2018.  1 Gb/s All-LED Visible Light Communication System. 2018 Optical Fiber Communications Conference and Exposition (OFC). :1–3.
We evaluate the use of LEDs intended for illumination as low-cost filtered optical detectors. An optical wireless system that is exclusively based on commercial off-the-shelf 5-mm R/G/B LEDs is experimentally demonstrated for Gb/s close-proximity transmission.
Doerr, Carola, Lengler, Johannes.  2016.  The (1+1) Elitist Black-Box Complexity of LeadingOnes. Proceedings of the Genetic and Evolutionary Computation Conference 2016. :1131–1138.

One important goal of black-box complexity theory is the development of complexity models allowing to derive meaningful lower bounds for whole classes of randomized search heuristics. Complementing classical runtime analysis, black-box models help us understand how algorithmic choices such as the population size, the variation operators, or the selection rules influence the optimization time. One example for such a result is the Ω(n log n) lower bound for unary unbiased algorithms on functions with a unique global optimum [Lehre/Witt, GECCO 2010], which tells us that higher arity operators or biased sampling strategies are needed when trying to beat this bound. In lack of analyzing techniques, almost no non-trivial bounds are known for other restricted models. Proving such bounds therefore remains to be one of the main challenges in black-box complexity theory. With this paper we contribute to our technical toolbox for lower bound computations by proposing a new type of information-theoretic argument. We regard the permutation- and bit-invariant version of LeadingOnes and prove that its (1+1) elitist black-box complexity is Ω(n2), a bound that is matched by (1+1)-type evolutionary algorithms. The (1+1) elitist complexity of LeadingOnes is thus considerably larger than its unrestricted one, which is known to be of order n log log n [Afshani et al., 2013].

Whatmough, P. N., Lee, S. K., Lee, H., Rama, S., Brooks, D., Wei, G. Y..  2017.  14.3 A 28nm SoC with a 1.2GHz 568nJ/prediction sparse deep-neural-network engine with \#x003E;0.1 timing error rate tolerance for IoT applications. 2017 IEEE International Solid-State Circuits Conference (ISSCC). :242–243.

This paper presents a 28nm SoC with a programmable FC-DNN accelerator design that demonstrates: (1) HW support to exploit data sparsity by eliding unnecessary computations (4× energy reduction); (2) improved algorithmic error tolerance using sign-magnitude number format for weights and datapath computation; (3) improved circuit-level timing violation tolerance in datapath logic via timeborrowing; (4) combined circuit and algorithmic resilience with Razor timing violation detection to reduce energy via VDD scaling or increase throughput via FCLK scaling; and (5) high classification accuracy (98.36% for MNIST test set) while tolerating aggregate timing violation rates \textbackslashtextgreater10-1. The accelerator achieves a minimum energy of 0.36μJ/pred at 667MHz, maximum throughput at 1.2GHz and 0.57μJ/pred, or a 10%-margined operating point at 1GHz and 0.58μJ/pred.

Tatarenko, T..  2015.  1-recall reinforcement learning leading to an optimal equilibrium in potential games with discrete and continuous actions. 2015 54th IEEE Conference on Decision and Control (CDC). :6749–6754.

Game theory serves as a powerful tool for distributed optimization in multiagent systems in different applications. In this paper we consider multiagent systems that can be modeled as a potential game whose potential function coincides with a global objective function to be maximized. This approach renders the agents the strategic decision makers and the corresponding optimization problem the problem of learning an optimal equilibruim point in the designed game. In distinction from the existing works on the topic of payoff-based learning, we deal here with the systems where agents have neither memory nor ability for communication, and they base their decision only on the currently played action and the experienced payoff. Because of these restrictions, we use the methods of reinforcement learning, stochastic approximation, and learning automata extensively reviewed and analyzed in [3], [9]. These methods allow us to set up the agent dynamics that moves the game out of inefficient Nash equilibria and leads it close to an optimal one in both cases of discrete and continuous action sets.

Demjaha, A., Caulfield, T., Sasse, M. Angela, Pym, D..  2019.  2 Fast 2 Secure: A Case Study of Post-Breach Security Changes. 2019 IEEE European Symposium on Security and Privacy Workshops (EuroS PW). :192—201.
A security breach often makes companies react by changing their attitude and approach to security within the organization. This paper presents an in-depth case study of post-breach security changes made by a company and the consequences of those changes. We employ the principles of participatory action research and humble inquiry to conduct a long-term study with employee interviews while embedded in the organization's security division. Despite an extremely high level of financial investment in security, and consistent attention and involvement from the board, the interviews indicate a significant level of friction between employees and security. In the main themes that emerged from our data analysis, a number of factors shed light on the friction: fear of another breach leading to zero risk appetite, impossible security controls making non-compliance a norm, security theatre underminining the purpose of security policies, employees often trading-off security with productivity, and as such being treated as children in detention rather than employees trying to finish their paid jobs. This paper shows that post-breach security changes can be complex and sometimes risky due to emotions often being involved. Without an approach considerate of how humans and security interact, even with high financial investment, attempts to change an organization's security behaviour may be ineffective.
[Anonymous].  2016.  2016 Science of Security for Cyber-Physical Systems Workshop (SoSCYPS). 2016 Science of Security for Cyber-Physical Systems Workshop (SoSCYPS).

Attacks infiltrating the integrity of vehicular control systems and medical devices have brought to sharp focus the urgency of securing cyber-physical systems. There is a broader discussion about the role of principled
security -aware design and analysis in the development of both modern engineering systems such as the Smartgrid as well as in future systems that use advanced AI and machine learning in safety critical settings.
Although there has been a growing interest in these security in the CPSWeek commun ity (increasing number of security related papers in ICCPS, HSCC, RTAS, HyCons), this body of research remains largely disconnected from the mainstream systems security research (USENIX, Oakland, CCS, NDSS). The CPS community has developed analysis and synthesis algorithms, verification tools, notions of observability and controllability, and have been in the forefront of research on emerging applications. The connections between this body of work and systems security research remain unexplored. 

The goal of this workshop is to advance the science of security in cyberphysical systems by helping bridge this. We plan to bring together the leaders from these two communities in a full day workshop of invited
sessions and panel discussions. Instead of unstructured technical presentations, the speakers and participants will put their research in the context of some broad topics that will help us bridge this gap. Topics of interest include:

  • Identify hard open problems for academic research in CPS security
  • Data and testbeds in security research amenable to CPS methods
  • Success and fails in designing for resiliency
  • Identify CPS tools and techniques (e.g., verification, synthesis) that can advance systems security research
  • How to make an impact with CPS security research (where most systems are closed, design cycles are long, and methodologies are slower to change than in cyber systems)
  • Metrics for CPS security
Khan, JavedAkhtar.  2019.  2019 3rd International Conference on Computing Methodologies and Communication (ICCMC). 2019 3rd International Conference on Computing Methodologies and Communication (ICCMC). :619-623.

This paper proposes the implementation of progressive authentication service in smart android mobile phone. In this digital era, massive amount of work can be done in the digital form using the smart devices like smart phone , laptop, Tablets, etc. The number of smartphone users approx. reach to 299.24 million, as per the recent survey report [1] in 2019 this count will reach 2.7 billion and after 3 years, this count will increase up to 442.5 million. This article includes a cluster based progressive smart lock with a dependent combination that is short and more secure in nature. Android provides smart lock facilities with the combination of 9 dot, 6dot, 5dot, 4dot and 1-9 number. By using this mobile phone user will be able to generate pattern lock or number password for authentication. This is a single authentication system, this research paper includes a more secured multiple cluster based pattern match system.

Khakurel, U., Rawat, D., Njilla, L..  2019.  2019 IEEE International Conference on Industrial Internet (ICII). 2019 IEEE International Conference on Industrial Internet (ICII). :241—247.

FastChain is a simulator built in NS-3 which simulates the networked battlefield scenario with military applications, connecting tankers, soldiers and drones to form Internet-of-Battlefield-Things (IoBT). Computing, storage and communication resources in IoBT are limited during certain situations in IoBT. Under these circumstances, these resources should be carefully combined to handle the task to accomplish the mission. FastChain simulator uses Sharding approach to provide an efficient solution to combine resources of IoBT devices by identifying the correct and the best set of IoBT devices for a given scenario. Then, the set of IoBT devices for a given scenario collaborate together for sharding enabled Blockchain technology. Interested researchers, policy makers and developers can download and use the FastChain simulator to design, develop and evaluate blockchain enabled IoBT scenarios that helps make robust and trustworthy informed decisions in mission-critical IoBT environment.

Armin, J., Thompson, B., Ariu, D., Giacinto, G., Roli, F., Kijewski, P..  2015.  2020 Cybercrime Economic Costs: No Measure No Solution. 2015 10th International Conference on Availability, Reliability and Security. :701–710.

Governments needs reliable data on crime in order to both devise adequate policies, and allocate the correct revenues so that the measures are cost-effective, i.e., The money spent in prevention, detection, and handling of security incidents is balanced with a decrease in losses from offences. The analysis of the actual scenario of government actions in cyber security shows that the availability of multiple contrasting figures on the impact of cyber-attacks is holding back the adoption of policies for cyber space as their cost-effectiveness cannot be clearly assessed. The most relevant literature on the topic is reviewed to highlight the research gaps and to determine the related future research issues that need addressing to provide a solid ground for future legislative and regulatory actions at national and international levels.

Ahmadian, M. M., Shahriari, H. R..  2016.  2entFOX: A framework for high survivable ransomwares detection. 2016 13th International Iranian Society of Cryptology Conference on Information Security and Cryptology (ISCISC). :79–84.

Ransomwares have become a growing threat since 2012, and the situation continues to worsen until now. The lack of security mechanisms and security awareness are pushing the systems into mire of ransomware attacks. In this paper, a new framework called 2entFOX' is proposed in order to detect high survivable ransomwares (HSR). To our knowledge this framework can be considered as one of the first frameworks in ransomware detection because of little publicly-available research in this field. We analyzed Windows ransomwares' behaviour and we tried to find appropriate features which are particular useful in detecting this type of malwares with high detection accuracy and low false positive rate. After hard experimental analysis we extracted 20 effective features which due to two highly efficient ones we could achieve an appropriate set for HSRs detection. After proposing architecture based on Bayesian belief network, the final evaluation is done on some known ransomware samples and unknown ones based on six different scenarios. The result of this evaluations shows the high accuracy of 2entFox in detection of HSRs.

Blue, Logan, Abdullah, Hadi, Vargas, Luis, Traynor, Patrick.  2018.  2MA: Verifying Voice Commands via Two Microphone Authentication. Proceedings of the 2018 on Asia Conference on Computer and Communications Security. :89–100.
Voice controlled interfaces have vastly improved the usability of many devices (e.g., headless IoT systems). Unfortunately, the lack of authentication for these interfaces has also introduced command injection vulnerabilities - whether via compromised IoT devices, television ads or simply malicious nearby neighbors, causing such devices to perform unauthenticated sensitive commands is relatively easy. We address these weaknesses with Two Microphone Authentication (2MA), which takes advantage of the presence of multiple ambient and personal devices operating in the same area. We develop an embodiment of 2MA that combines approximate localization through Direction of Arrival (DOA) techniques with Robust Audio Hashes (RSHs). Our results show that our 2MA system can localize a source to within a narrow physical cone (\$\textbackslashtextless30ˆ\textbackslashtextbackslashcirc \$) with zero false positives, eliminate replay attacks and prevent the injection of inaudible/hidden commands. As such, we dramatically increase the difficulty for an adversary to carry out such attacks and demonstrate that 2MA is an effective means of authenticating and localizing voice commands.
Jun, Jaehoon, Rhee, Cyuyeol, Kim, Suhwan.  2016.  A 386-\$\textbackslashmu\$W, 15.2-bit Programmable-Gain Embedded Delta-Sigma ADC for Sensor Applications. Proceedings of the 2016 International Symposium on Low Power Electronics and Design. :278–283.

A power-efficient programmable-gain control function embedded Delta-Sigma (ΔΣ) analog-to-digital converter (ADC) for various smart sensor applications is presented. It consists of a programmable-gain switched-capacitor ΔΣ modulator followed by a digital decimation filter for down-sampling. The programmable function is realized with programmable coefficients of a loop filter using a capacitor array. The coefficient control is accomplished with keeping the location of poles of a noise transfer function, so the stability of a designed closed-loop transfer function can be assured. The proposed gain control method helps ADC to optimize its performance with varying input signal magnitude. The gain controllability requires negligible additional energy consuming or area occupying block. The power efficient programmable-gain ADC (PGADC) is well-suited for sensor devices. The gain amplification can be optimized from 0 to 18 dB with a 6 dB step. Measurements show that the PGADC achieves 15.2-bit resolution and 12.4-bit noise free resolution with 99.9 % reliability. The chip operates with a 3.3 V analog supply and a 1.8 V digital supply, while consuming only 97 μA analog current and 37 μA digital current. The analog core area is 0.064 mm2 in a standard 0.18-μm CMOS process.

Maldonado-Ruiz, D., Torres, J., Madhoun, N. El.  2020.  3BI-ECC: a Decentralized Identity Framework Based on Blockchain Technology and Elliptic Curve Cryptography. 2020 2nd Conference on Blockchain Research Applications for Innovative Networks and Services (BRAINS). :45–46.

Most of the authentication protocols assume the existence of a Trusted Third Party (TTP) in the form of a Certificate Authority or as an authentication server. The main objective of this research is to present an autonomous solution where users could store their credentials, without depending on TTPs. For this, the use of an autonomous network is imperative, where users could use their uniqueness in order to identify themselves. We propose the framework “Three Blockchains Identity Management with Elliptic Curve Cryptography (3BI-ECC)”. Our proposed framework is a decentralize identity management system where users' identities are self-generated.

Ly, Son Thai, Do, Nhu-Tai, Lee, Guee-Sang, Kim, Soo-Hyung, Yang, Hyung-Jeong.  2019.  A 3d Face Modeling Approach for in-The-Wild Facial Expression Recognition on Image Datasets. 2019 IEEE International Conference on Image Processing (ICIP). :3492—3496.

This paper explores the benefits of 3D face modeling for in-the-wild facial expression recognition (FER). Since there is limited in-the-wild 3D FER dataset, we first construct 3D facial data from available 2D dataset using recent advances in 3D face reconstruction. The 3D facial geometry representation is then extracted by deep learning technique. In addition, we also take advantage of manipulating the 3D face, such as using 2D projected images of 3D face as additional input for FER. These features are then fused with that of 2D FER typical network. By doing so, despite using common approaches, we achieve a competent recognition accuracy on Real-World Affective Faces (RAF) database and Static Facial Expressions in the Wild (SFEW 2.0) compared with the state-of-the-art reports. To the best of our knowledge, this is the first time such a deep learning combination of 3D and 2D facial modalities is presented in the context of in-the-wild FER.

Zong, Fang, Yong, Ouyang, Gang, Liu.  2018.  3D Modeling Method Based on Deep Belief Networks (DBNs) and Interactive Evolutionary Algorithm (IEA). Proceedings of the 2018 International Conference on Big Data and Computing. :124-128.

3D modeling usually refers to be the use of 3D software to build production through the virtual 3D space model with 3D data. At present, most 3D modeling software such as 3dmax, FLAC3D and Midas all need adjust models to get a satisfactory model or by coding a precise modeling. There are many matters such as complicated steps, strong profession, the high modeling cost. Aiming at this problem, the paper presents a new 3D modeling methods which is based on Deep Belief Networks (DBN) and Interactive Evolutionary Algorithm (IEA). Following this method, firstly, extract characteristic vectors from vertex, normal, surfaces of the imported model samples. Secondly, use the evolution strategy, to extract feature vector for stochastic evolution by artificial grading control the direction of evolution, and in the process to extract the characteristics of user preferences. Then, use evolution function matrix to establish the fitness approximation evaluation model, and simulate subjective evaluation. Lastly, the user can control the whole machine simulation evaluation process at any time, and get a satisfactory model. The experimental results show that the method in this paper is feasible.

Vakilinia, I., Tosh, D. K., Sengupta, S..  2017.  3-Way game model for privacy-preserving cybersecurity information exchange framework. MILCOM 2017 - 2017 IEEE Military Communications Conference (MILCOM). :829–834.

With the growing number of cyberattack incidents, organizations are required to have proactive knowledge on the cybersecurity landscape for efficiently defending their resources. To achieve this, organizations must develop the culture of sharing their threat information with others for effectively assessing the associated risks. However, sharing cybersecurity information is costly for the organizations due to the fact that the information conveys sensitive and private data. Hence, making the decision for sharing information is a challenging task and requires to resolve the trade-off between sharing advantages and privacy exposure. On the other hand, cybersecurity information exchange (CYBEX) management is crucial in stabilizing the system through setting the correct values for participation fees and sharing incentives. In this work, we model the interaction of organizations, CYBEX, and attackers involved in a sharing system using dynamic game. With devising appropriate payoff models for each player, we analyze the best strategies of the entities by incorporating the organizations' privacy component in the sharing model. Using the best response analysis, the simulation results demonstrate the efficiency of our proposed framework.

Sreenivasan, Medha, Sidhardhan, Anargh, Priya, Varnitha Meera, V., Thanikaiselvan.  2019.  5D Combined Chaotic System for Image Encryption with DNA Encoding and Scrambling. 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN). :1–6.
The objective of this paper was to propose a 5D combined chaotic system used for image encryption by scrambling and DNA encryption. The initial chaotic values were calculated with a set of equations. The chaotic sequences were used for pixel scrambling, bit scrambling, DNA encryption and DNA complementary function. The average of NPCR, UACI and entropy values of the 6 images used for testing were 99.61, 33.51 and 7.997 respectively. The correlation values obtained for the encrypted image were much lower than the corresponding original image. The histogram of the encrypted image was flat. Based on the theoretical results from the tests performed on the proposed system it can be concluded that the system is suited for practical applications, since it offers high security.
Carmer, Brent, Malozemoff, Alex J., Raykova, Mariana.  2017.  5Gen-C: Multi-Input Functional Encryption and Program Obfuscation for Arithmetic Circuits. Proceedings of the 2017 ACM SIGSAC Conference on Computer and Communications Security. :747–764.

Program obfuscation is a powerful security primitive with many applications. White-box cryptography studies a particular subset of program obfuscation targeting keyed pseudorandom functions (PRFs), a core component of systems such as mobile payment and digital rights management. Although the white-box obfuscators currently used in practice do not come with security proofs and are thus routinely broken, recent years have seen an explosion of cryptographic techniques for obfuscation, with the goal of avoiding this build-and-break cycle. In this work, we explore in detail cryptographic program obfuscation and the related primitive of multi-input functional encryption (MIFE). In particular, we extend the 5Gen framework (CCS 2016) to support circuit-based MIFE and program obfuscation, implementing both existing and new constructions. We then evaluate and compare the efficiency of these constructions in the context of PRF obfuscation. As part of this work we (1) introduce a novel instantiation of MIFE that works directly on functions represented as arithmetic circuits, (2) use a known transformation from MIFE to obfuscation to give us an obfuscator that performs better than all prior constructions, and (3) develop a compiler for generating circuits optimized for our schemes. Finally, we provide detailed experiments, demonstrating, among other things, the ability to obfuscate a PRF with a 64-bit key and 12 bits of input (containing 62k gates) in under 4 hours, with evaluation taking around 1 hour. This is by far the most complex function obfuscated to date.

Su, Jinshu, Chen, Shuhui, Han, Biao, Xu, Chengcheng, Wang, Xin.  2016.  A 60Gbps DPI Prototype Based on Memory-Centric FPGA. Proceedings of the 2016 ACM SIGCOMM Conference. :627–628.

Deep packet inspection (DPI) is widely used in content-aware network applications to detect string features. It is of vital importance to improve the DPI performance due to the ever-increasing link speed. In this demo, we propose a novel DPI architecture with a hierarchy memory structure and parallel matching engines based on memory-centric FPGA. The implemented DPI prototype is able to provide up to 60Gbps full-text string matching throughput and fast rules update speed.

Yang, B., Liu, F., Yuan, L., Zhang, Y..  2020.  6LoWPAN Protocol Based Infrared Sensor Network Human Target Locating System. 2020 15th IEEE Conference on Industrial Electronics and Applications (ICIEA). :1773–1779.
This paper proposes an infrared sensor human target locating system for the Internet of Things. In this design, the wireless sensor network is designed and developed to detect human targets by using 6LoWPAN protocol and pyroelectric infrared (PIR) sensors. Based on the detection data acquired by multiple sensor nodes, K-means++ clustering algorithm combined with cost function is applied to complete human target location in a 10m×10m detection area. The experimental results indicate the human locating system works well and the user can view the location information on the terminal devices.
Liu, Weijian, Chen, Zeqi, Chen, Yunhua, Yao, Ruohe.  2015.  An \#8467;1/2-BTV regularization algorithm for super-resolution. 2015 4th International Conference on Computer Science and Network Technology (ICCSNT). 01:1274–1281.

In this paper, we propose a novelregularization term for super-resolution by combining a bilateral total variation (BTV) regularizer and a sparsity prior model on the image. The term is composed of the weighted least squares minimization and the bilateral filter proposed by Elad, but adding an ℓ1/2 regularizer. It is referred to as ℓ1/2-BTV. The proposed algorithm serves to restore image details more precisely and eliminate image noise more effectively by introducing the sparsity of the ℓ1/2 regularizer into the traditional bilateral total variation (BTV) regularizer. Experiments were conducted on both simulated and real image sequences. The results show that the proposed algorithm generates high-resolution images of better quality, as defined by both de-noising and edge-preservation metrics, than other methods.

Guri, M., Mirsky, Y., Elovici, Y..  2017.  9-1-1 DDoS: Attacks, Analysis and Mitigation. 2017 IEEE European Symposium on Security and Privacy (EuroS P). :218–232.

The 911 emergency service belongs to one of the 16 critical infrastructure sectors in the United States. Distributed denial of service (DDoS) attacks launched from a mobile phone botnet pose a significant threat to the availability of this vital service. In this paper we show how attackers can exploit the cellular network protocols in order to launch an anonymized DDoS attack on 911. The current FCC regulations require that all emergency calls be immediately routed regardless of the caller's identifiers (e.g., IMSI and IMEI). A rootkit placed within the baseband firmware of a mobile phone can mask and randomize all cellular identifiers, causing the device to have no genuine identification within the cellular network. Such anonymized phones can issue repeated emergency calls that cannot be blocked by the network or the emergency call centers, technically or legally. We explore the 911 infrastructure and discuss why it is susceptible to this kind of attack. We then implement different forms of the attack and test our implementation on a small cellular network. Finally, we simulate and analyze anonymous attacks on a model of current 911 infrastructure in order to measure the severity of their impact. We found that with less than 6K bots (or \$100K hardware), attackers can block emergency services in an entire state (e.g., North Carolina) for days. We believe that this paper will assist the respective organizations, lawmakers, and security professionals in understanding the scope of this issue in order to prevent possible 911-DDoS attacks in the future.

Ghazo, A. T. Al, Ibrahim, M., Ren, H., Kumar, R..  2020.  A2G2V: Automatic Attack Graph Generation and Visualization and Its Applications to Computer and SCADA Networks. IEEE Transactions on Systems, Man, and Cybernetics: Systems. 50:3488–3498.
Securing cyber-physical systems (CPS) and Internet of Things (IoT) systems requires the identification of how interdependence among existing atomic vulnerabilities may be exploited by an adversary to stitch together an attack that can compromise the system. Therefore, accurate attack graphs play a significant role in systems security. A manual construction of the attack graphs is tedious and error-prone, this paper proposes a model-checking-based automated attack graph generator and visualizer (A2G2V). The proposed A2G2V algorithm uses existing model-checking tools, an architecture description tool, and our own code to generate an attack graph that enumerates the set of all possible sequences in which atomic-level vulnerabilities can be exploited to compromise system security. The architecture description tool captures a formal representation of the networked system, its atomic vulnerabilities, their pre-and post-conditions, and security property of interest. A model-checker is employed to automatically identify an attack sequence in the form of a counterexample. Our own code integrated with the model-checker parses the counterexamples, encodes those for specification relaxation, and iterates until all attack sequences are revealed. Finally, a visualization tool has also been incorporated with A2G2V to generate a graphical representation of the generated attack graph. The results are illustrated through application to computer as well as control (SCADA) networks.
Wei Liu, Ming Yu.  2014.  AASR: Authenticated Anonymous Secure Routing for MANETs in Adversarial Environments. Vehicular Technology, IEEE Transactions on. 63:4585-4593.

Anonymous communications are important for many of the applications of mobile ad hoc networks (MANETs) deployed in adversary environments. A major requirement on the network is the ability to provide unidentifiability and unlinkability for mobile nodes and their traffic. Although a number of anonymous secure routing protocols have been proposed, the requirement is not fully satisfied. The existing protocols are vulnerable to the attacks of fake routing packets or denial-of-service broadcasting, even the node identities are protected by pseudonyms. In this paper, we propose a new routing protocol, i.e., authenticated anonymous secure routing (AASR), to satisfy the requirement and defend against the attacks. More specifically, the route request packets are authenticated by a group signature, to defend against potential active attacks without unveiling the node identities. The key-encrypted onion routing with a route secret verification message is designed to prevent intermediate nodes from inferring a real destination. Simulation results have demonstrated the effectiveness of the proposed AASR protocol with improved performance as compared with the existing protocols.