Abstract

file

Visible to the public Impact of Stealthy Attacks on Optimal Power Flow: A Simulink-Driven Formal Analysis

Optimal Power Flow (OPF) is a crucial part of the Energy Management System (EMS) as it determines individual generator outputs that minimize generation cost while satisfying transmission, generation, and system-level operating constraints. OPF relies on a core EMS routine, namely state estimation, which computes system states, principally bus voltages/phase angles at the buses. However, state estimation is vulnerable to false data injection attacks in which an adversary can alter certain measurements to corrupt the estimator's solution without being detected.

page

Visible to the public CherryPie: A Program Analysis to Assist the Detection of Logic Bombs

C. Durward McDonell, Mark Thober, Jonathan Myers, Raymond McDowell, Ian Blumenfeld

page

Visible to the public Tiros: Reachability analysis for AWS-based Networks Using Automated Theorem Proving

S. Bayless, B. Cook, C. Dodge, A. Gacek, A.J. Hu, T. Kahsai, B. Kocik, E. Kotelnikov, J. Kukovec, S. McLaughlin, J. Reed, N. Rungta, J. Sizemore, M. Stalzer, P. Srinivasan, P. Subotic, C. Varming, B. Whaley, Y. Wu

page

Visible to the public Semantic Analysis of AWS Access Control

John Backes, Pauline Bolignano, Byron Cook, Catherine Dodge, Andrew Gacek, Rustan Leino, Kasper Luckow, Neha Rungta, Oksana Tkachuk and Carsten Varming

event

Visible to the public  University of Kansas NSA Lablet, Inaugural Advisory Board Meeting
May 17, 2018 8:30 am - 6:00 pm EDT

The KU Lablet will host the inaugural meeting of the Advisory Board on May 17. The agenda includes:

  • Introductions
  • Overview of the NSA Lablet Program and the KU Lablet
  • First year project presentations
  • Discussion and Feedback: Advisory Member Perspectives on Technical Challenges
  • Workforce Development
  • Networking

Point of Contact: Dr. Perry Alexander, palexand@ku.edu

file

Visible to the public An Approach to Incorporating Uncertainty in Network Security Analysis

ABSTRACT: Attack graphs used in network security analysis are analyzed to determine sequences of exploits that lead to successful acquisition of privileges or data at critical assets.

file

Visible to the public Tutorial: System Monitoring for Security

ABSTRACT: Intrusive multi-step attacks, such as Advanced Persistent Threat (APT) attacks, have plagued many well-protected businesses with significant financial losses. These advanced attacks are sophisticated and stealthy, and can remain undetected for years as individual attack steps may not be suspicious enough. To counter these advanced attacks, a recent trend is to leverage ubiquitous system monitoring for collecting the attack provenance for a long period of time and perform attack investigation for identifying risky system behaviors.

file

Visible to the public Learning a Privacy Incidents Database

ABSTRACT: A repository of privacy incidents is essential for understanding the attributes of products and policies that lead to privacy incidents. We describe our vision for a novel privacy incidents database and our progress toward building a prototype.

file

Visible to the public Global Variation in Attack Encounters and Hosting

ABSTRACT: Countries vary greatly in the extent to which their computers encounter and host attacks. Empirically identifying factors behind such variation can provide a sound basis for policies to reduce attacks worldwide.