Zobrazeno 1 - 10
of 348
pro vyhledávání: '"Etalle, Sandro"'
Memory corruption vulnerabilities have been around for decades and rank among the most prevalent vulnerabilities in embedded systems. Yet this constrained environment poses unique design and implementation challenges that significantly complicate the
Externí odkaz:
http://arxiv.org/abs/2007.02307
Modern vehicles are complex safety critical cyber physical systems, that are connected to the outside world, with all security implications that brings. To enhance vehicle security several network intrusion detection systems (NIDS) have been proposed
Externí odkaz:
http://arxiv.org/abs/1905.11587
Autor:
Allodi, Luca, Etalle, Sandro
Current threat models typically consider all possible ways an attacker can penetrate a system and assign probabilities to each path according to some metric (e.g. time-to-compromise). In this paper we discuss how this view hinders the realness of bot
Externí odkaz:
http://arxiv.org/abs/1801.04569
Publikováno v:
Theory and Practice of Logic Programming 14 (2014) 293-337
Trust management is an approach to access control in distributed systems where access decisions are based on policy statements issued by multiple principals and stored in a distributed manner. In trust management, the policy statements of a principal
Externí odkaz:
http://arxiv.org/abs/1210.0368
Autor:
Dupont, Guillaume, dos Santos, Daniel, Dashevskyi, Stanislav, Vijayakumar, Sangavi, Murali, Sashaank P., Costante, Elisa, den Hartog, Jerry, Etalle, Sandro
Publikováno v:
Journal of Computer Virology and Hacking Techniques; June 2024, Vol. 20 Issue: 2 p301-314, 14p
Autor:
Bolzoni, Damiano, Etalle, Sandro
We present APHRODITE, an architecture designed to reduce false positives in network intrusion detection systems. APHRODITE works by detecting anomalies in the output traffic, and by correlating them with the alerts raised by the NIDS working on the i
Externí odkaz:
http://arxiv.org/abs/cs/0604026
We present Poseidon, a new anomaly based intrusion detection system. Poseidon is payload-based, and presents a two-tier architecture: the first stage consists of a Self-Organizing Map, while the second one is a modified PAYL system. Our benchmarks on
Externí odkaz:
http://arxiv.org/abs/cs/0511043
We introduce the use, monitoring, and enforcement of integrity constraints in trust management-style authorization systems. We consider what portions of the policy state must be monitored to detect violations of integrity constraints. Then we address
Externí odkaz:
http://arxiv.org/abs/cs/0503061
We propose a new simple \emph{trace} logic that can be used to specify \emph{local security properties}, i.e. security properties that refer to a single participant of the protocol specification. Our technique allows a protocol designer to provide a
Externí odkaz:
http://arxiv.org/abs/cs/0411010