Building the attack scenario is the first step to understand an attack and extract useful attack intelligence. Existing attack scenario reconstruction approaches, however, suffer from several limitations that weaken the elicitation of the attack scenarios and decrease the quality of the generated attack scenarios. In this paper, we discuss the limitations of the existing attack scenario reconst...

Recently permutation multimedia ciphers were broken in a chosen-plaintext scenario. That attack models a very resourceful adversary which may not always be the case. To show insecurity of these ciphers, we present a cipher-text only attack on speech permutation ciphers. We show inherent redundancies of speech can pave the path for a successful cipher-text only attack. To that end, regularities ...

Cognitive Radio (CR) networks enable dynamic spectrum access and can significantly improve spectral efficiency. Cooperative Spectrum Sensing (CSS) exploits the spatial diversity between CR users to increase sensing accuracy. However, in a realistic scenario, the trustworthy of CSS is vulnerable to Spectrum Sensing Data Falsification (SSDF) attack. In an SSDF attack, some malicious CR users deli...

Cyber ​​threats have been extraordinary increased in recent years. Cyber ​​attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries particularly on Islamic republic of Iran. The complexity of cyber threats and the devastating effects of them on critical systems highlights necessity of cyber thr...

Current techniques employed in security alert correlation area for multi-step attack recognition purpose are intricate to be performed due to the complexity of the methods and huge computing workload generated during alert analysis and processing. In this paper, we proposed a new method of alert correlation aiming at providing concentrated security event information and thus finding multi-step ...

For the past twenty years, model checking has been used successfully in many engineering projects. Model checkers assist the engineer in identifying automatically individual design flaws in a system. A typical model checker takes as input a model of the system and a correctness specification. It checks the model against the specification for erroneous behavior. If erroneous behavior exists, the...

We describe dangerous and realistic attack techniques that help to deter detection and forensic analysis which are new or seldom discussed in the literature.

In cloud computing, multiple users can share the same physical machine that can potentially leak secret information, in particular when the memory de-duplication is enabled. Flush+Reload attack is a cache-based attack that makes use of resource sharing. T-table implementation of AES is commonly used in the crypto libraries like OpenSSL. Several Flush+Reload attacks on T-table implementat...

Biham and Chen proposed an attack on SHA-0 at Crypt 2004. In this paper, we apply the Biham-Chen attack to analyze SHAlike hash functions regarding pseudo-collision resistance and pseudorandomness. We present a scenario about how to attack SHA-like hash functions applying the Biham and Chen attack. Using this scenario, we present a differential attack on the MD5 hash function and a differential...

Alert correlation systems attempt to discover the relations among alerts produced by one or more intrusion detection systems to determine the attack scenarios and their main motivations. In this paper a new IDS alert correlation method is proposed that can be used to detect attack scenarios in real-time. The proposed method is based on a causal approach due to the strength of causal methods in ...