English
Related papers

Related papers: Quantitative Security Risk Modeling and Analysis w…

200 papers

We develop a queueing-theoretic framework to model the temporal evolution of cyber-attack surfaces, where the number of active vulnerabilities is represented as the backlog of a queue. Vulnerabilities arrive as they are discovered or…

Cryptography and Security · Computer Science 2026-04-17 Jihyeon Yun , Abdullah Yasin Etcibasi , Ming Shi , C. Emre Koksal

Numerous security metrics have been proposed in the past for protecting computer networks. However we still lack effective techniques to accurately measure the predictive security risk of an enterprise taking into account the dynamic…

Cryptography and Security · Computer Science 2015-01-09 Subil Abraham , Suku Nair

This paper presents the current state of the art on attack and defense modeling approaches that are based on directed acyclic graphs (DAGs). DAGs allow for a hierarchical decomposition of complex scenarios into simple, easily understandable…

Cryptography and Security · Computer Science 2013-04-01 Barbara Kordy , Ludovic Piètre-Cambacédès , Patrick Schweitzer

Identifying, analyzing, and evaluating cybersecurity risks are essential to assess the vulnerabilities of modern manufacturing infrastructures and to devise effective decision-making strategies to secure critical manufacturing against…

Cryptography and Security · Computer Science 2023-12-21 Md Habibor Rahman , Erfan Yazdandoost Hamedani , Young-Jun Son , Mohammed Shafae

Attack graphs are one of the main techniques used to automate the risk assessment process. In order to derive a relevant attack graph, up-to-date information on known attack techniques should be represented as interaction rules. Designing…

Cryptography and Security · Computer Science 2020-08-12 Hodaya Binyamini , Ron Bitton , Masaki Inokuchi , Tomohiko Yagyu , Yuval Elovici , Asaf Shabtai

Quantum secure direct communication provides a direct means of conveying secret information via quantum states among legitimate users. The past two decades have witnessed its great strides both theoretically and experimentally. However, the…

Quantum Physics · Physics 2021-09-14 Zhangdong Ye , Dong Pan , Zhen Sun , Chunguang Du , Liuguo Yin , Guilu Long

Risk assessment of cyber-physical systems, such as power plants, connected devices and IT-infrastructures has always been challenging: safety (i.e. absence of unintentional failures) and security (i.e. no disruptions due to attackers) are…

Cryptography and Security · Computer Science 2019-05-10 Étienne André , Didier Lime , Mathias Ramparison , Mariëlle Stoelinga

Critical infrastructure systems - for which high reliability and availability are paramount - must operate securely. Attack trees (ATs) are hierarchical diagrams that offer a flexible modelling language used to assess how systems can be…

Cryptography and Security · Computer Science 2024-05-20 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

Generative AI and large language models (LLMs) have shown strong capabilities in code understanding, but their use in cybersecurity, particularly for malware detection and analysis, remains limited. Existing detection systems often fail to…

Information Retrieval · Computer Science 2025-10-23 Hamed Jelodar , Mohammad Meymani , Roozbeh Razavi-Far , Ali A. Ghorbani

Quantitative security analysis of networked computer systems is one of the decades-long open problems in computer security. Recently, a promising approach was proposed in \cite{XuTDSC11}, which however made some strong assumptions including…

Cryptography and Security · Computer Science 2016-03-29 Maochao Xu , Shouhuai Xu

Attack Trees (AT) are a popular formalism for security analysis. They are meant to display an attacker's goal decomposed into attack steps needed to achieve it and compute certain security metrics (e.g., attack cost, probability, and…

Cryptography and Security · Computer Science 2025-07-01 Ítalo Oliveira , Stefano M. Nicoletti , Gal Engelberg , Mattia Fumagalli , Dan Klein , Giancarlo Guizzardi

We provide an overview of three different query languages whose objective is to specify properties on the highly popular formalisms of fault trees (FTs) and attack trees (ATs). These are BFL, a Boolean Logic for FTs, PFL, a probabilistic…

Logic in Computer Science · Computer Science 2024-01-30 Stefano M. Nicoletti , Milan Lopuhaä-Zwakenberg , E. Moritz Hahn , Mariëlle Stoelinga

Federated learning enables decentralized, privacy-preserving training but remains vulnerable to privacy leakage in the quantum era. Quantum federated learning (QFL) offers a promising path towards enhanced security and efficiency. However,…

Due to the dynamic nature of financial markets, maintaining models that produce precise predictions over time is difficult. Often the goal isn't just point prediction but determining uncertainty. Quantifying uncertainty, especially the…

Machine Learning · Statistics 2024-08-06 Mingshu Li , Bhaskarjit Sarmah , Dhruv Desai , Joshua Rosaler , Snigdha Bhagat , Philip Sommer , Dhagash Mehta

As cyber threats grow increasingly sophisticated, reinforcement learning (RL) is emerging as a promising technique to create intelligent and adaptive cyber defense systems. However, most existing autonomous defensive agents have overlooked…

Machine Learning · Computer Science 2025-04-17 Ilya Orson Sandoval , Isaac Symes Thompson , Vasilios Mavroudis , Chris Hicks

Adequate risk assessment of safety critical systems needs to take both safety and security into account, as well as their interaction. A prominent methodology for modeling safety and security are attack-fault trees (AFTs), which combine the…

Cryptography and Security · Computer Science 2024-08-14 Milan Lopuhaä-Zwakenberg

Risk assessment plays a crucial role in ensuring the security and resilience of modern computer systems. Existing methods for conducting risk assessments often suffer from tedious and time-consuming processes, making it challenging to…

Cryptography and Security · Computer Science 2023-07-27 Simon Unger , Ektor Arzoglou , Markus Heinrich , Dirk Scheuermann , Stefan Katzenbeisser

Due to the complex nature of mobile communication systems, most of the security efforts in its domain are isolated and scattered across underlying technologies. This has resulted in an obscure view of the overall security. In this work, we…

Cryptography and Security · Computer Science 2020-05-12 Siddharth Prakash Rao , Silke Holtmanns , Tuomas Aura

Multimodal Large Language Models (MLLMs) have demonstrated impressive capabilities in cross-modal understanding, but remain vulnerable to adversarial attacks through visual inputs despite robust textual safety mechanisms. These…

Cryptography and Security · Computer Science 2025-11-21 Wei Zhao , Zhe Li , Yige Li , Jun Sun

For a long time threat modeling was treated as a manual, complicated process. However modern agile development methodologies and cloud computing technologies require adding automatic threat modeling approaches. This work considers two…

Cryptography and Security · Computer Science 2023-03-21 Andrei Brazhuk