English
Related papers

Related papers: ADTool: Security Analysis with Attack-Defense Tree…

200 papers

Event Tree (ET) analysis is a widely used forward deductive safety analysis technique for decision-making at a system design stage. Existing ET tools usually provide Graphical Users Interfaces (GUI) for users to manually draw system-level…

Signal Processing · Electrical Eng. & Systems 2020-06-23 Mohamed Abdelghany , Waqar Ahmad , Sofiene Tahar , Sowmith Nethula

Machine learning (ML) and artificial intelligence (AI) techniques have now become commonplace in software products and services. When threat modelling a system, it is therefore important that we consider threats unique to ML and AI…

Cryptography and Security · Computer Science 2024-01-17 Vimal Kumar , Juliette Mayo , Khadija Bahiss

Reliable evaluation of adversarial defenses is a challenging task, currently limited to an expert who manually crafts attacks that exploit the defense's inner workings or approaches based on an ensemble of fixed attacks, none of which may…

Machine Learning · Computer Science 2021-10-28 Chengyuan Yao , Pavol Bielik , Petar Tsankov , Martin Vechev

Cloud service providers offer their customers with on-demand and cost-effective services, scalable computing, and network infrastructures. Enterprises migrate their services to the cloud to utilize the benefit of cloud computing such as…

Cryptography and Security · Computer Science 2019-04-04 Hootan Alavizadeh , Hooman Alavizadeh , Dong Seong Kim , Julian Jang-Jaccard , Masood Niazi Torshiz

Recently security researchers have started to look into automated generation of attack trees from socio-technical system models. The obvious next step in this trend of automated risk analysis is automating the selection of security controls…

Cryptography and Security · Computer Science 2015-09-03 Olga Gadyatskaya

Domain-specific quantitative modeling and analysis approaches are fundamental in scenarios in which qualitative approaches are inappropriate or unfeasible. In this paper, we present a tool-supported approach to quantitative graph-based…

Cryptography and Security · Computer Science 2021-01-22 Maurice H. ter Beek , Axel Legay , Alberto Lluch Lafuente , Andrea Vandin

CySecTool is a tool that finds a cost-optimal security controls portfolio in a given budget for a probabilistic attack graph. A portfolio is a set of counter-measures, or controls, against vulnerabilities adopted for a computer system,…

Cryptography and Security · Computer Science 2022-04-26 Przemysław Buczkowski , Pasquale Malacaria , Chris Hankin , Andrew Fielder

Attack Trees (AT) are a popular formalism for security analysis. They are meant to display an attacker's goal decomposed into attack steps needed to achieve it and compute certain security metrics (e.g., attack cost, probability, and…

Cryptography and Security · Computer Science 2025-07-01 Ítalo Oliveira , Stefano M. Nicoletti , Gal Engelberg , Mattia Fumagalli , Dan Klein , Giancarlo Guizzardi

Since last decade, smartphones have become an integral part of everyone's life. Having the ability to handle many useful and attractive applications, smartphones sport flawless functionality and small sizes leading to their exponential…

Cryptography and Security · Computer Science 2018-08-01 Keyur Kulkarni , Ahmad Y Javaid

Attack graphs are a tool for analyzing security vulnerabilities that capture different and prospective attacks on a system. As a threat modeling tool, it shows possible paths that an attacker can exploit to achieve a particular goal.…

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be…

Cryptography and Security · Computer Science 2024-05-20 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

AOtools is a Python package which is open-source and aimed at providing tools for adaptive optics users and researchers. We present version 1.0 which contains tools for adaptive optics processing, including analysing data in the pupil…

Instrumentation and Methods for Astrophysics · Physics 2020-01-08 M. J. Townson , O. J. D. Farley , G. Orban de Xivry , J. Osborn , A. P. Reeves

Models of software systems are used throughout the software development lifecycle. Dataflow diagrams (DFDs), in particular, are well-established resources for security analysis. Many techniques, such as threat modelling, are based on DFDs…

Software Engineering · Computer Science 2024-01-10 Simon Schneider , Nicolás E. Díaz Ferreyra , Pierre-Jean Quéval , Georg Simhandl , Uwe Zdun , Riccardo Scandariato

Self-adaptive systems offer several attack surfaces due to the communication via different channels and the different sensors required to observe the environment. Often, attacks cause safety to be compromised as well, making it necessary to…

Cryptography and Security · Computer Science 2023-09-19 Thomas Witte , Raffaela Groner , Alexander Raschke , Matthias Tichy , Irdin Pekaric , Michael Felderer

The growing interconnection between software systems increases the need for security already at design time. Security-related properties like confidentiality are often analyzed based on data flow diagrams (DFDs). However, manually analyzing…

Software Engineering · Computer Science 2024-03-15 Nicolas Boltz , Sebastian Hahner , Christopher Gerking , Robert Heinrich

Evaluating the security of multi-agent systems (MASs) powered by large language models (LLMs) is challenging, primarily because of the systems' complex internal dynamics and the evolving nature of LLM vulnerabilities. Traditional attack…

Cryptography and Security · Computer Science 2025-06-04 Parth Atulbhai Gandhi , Akansha Shukla , David Tayouri , Beni Ifland , Yuval Elovici , Rami Puzis , Asaf Shabtai

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…

Cryptography and Security · Computer Science 2019-05-10 Étienne André , Didier Lime , Mathias Ramparison , Mariëlle Stoelinga

The integration of external data services (e.g., Model Context Protocol, MCP) has made large language model-based agents increasingly powerful for complex task execution. However, this advancement introduces critical security…

Cryptography and Security · Computer Science 2026-02-25 Che Wang , Jiaming Zhang , Ziqi Zhang , Zijie Wang , Yinghui Wang , Jianbo Gao , Tao Wei , Zhong Chen , Wei Yang Bryan Lim

In the design of software and cyber-physical systems, security is often perceived as a qualitative need, but can only be attained quantitatively. Especially when distributed components are involved, it is hard to predict and confront all…

Cryptography and Security · Computer Science 2018-03-30 Roberto Vigo , Flemming Nielson , Hanne Riis Nielson

Security has become, nowadays, a major concern for the organizations as the majority of its applications are exposed to Internet, which increases the threats of security considerably. Thus, the solution is to improve tools and mechanisms to…

Cryptography and Security · Computer Science 2013-09-25 Mohammed Ennahbaoui , Said Elhajji