Defending Against Identity Threats Using Risk-Based Authentication

Defending Against Advanced Persistent Threats

Defending Against Advanced Persistent Threats Using Game-Theory

Advanced persistent threats (APT) combine a variety of different attack forms ranging from social engineering to technical exploits. The diversity and usual stealthiness of APT turns them into a central problem of contemporary practical system security, since information on attacks, the current system status or the attacker's incentives is often vague, uncertain and in many cases even unavailab...

Defending against Malicious Rogue System Threats

by Chad D. Mano With the expanse of the Internet and the increased reliance on computer networking technology for everyday business, the need to protect electronic data and communication from malicious attack has become increasingly critical. This dissertation addresses the rogue system problem, a significant threat in modern networks. A rogue system is a device installed within a network witho...

Defending RFID authentication protocols against DoS attacks

In this paper, we present a security weakness of a forward secure authentication protocol proposed by Tri Van Le et al. called O-FRAP which stands for Optimistic Forward secure RFID Authentication Protocol. In particular, we point out that in the O-FRAP protocol, the server can be subject to a denial-of-service attack due to a flaw in the database querying procedure. Our attack also applies to ...

Defending against insider threats and internal data leakage

In the last decade, computer science researchers have been working hard to prevent attacks against the security of information systems. Different adversary models have incarnated the malicious entities against which researchers have defined security properties, identified security vulnerabilities, and engineered security defenses. These adversaries were usually intruders, that is, outsiders try...