Cyber-physical systems (CPS) integrate computa-tion and communication capabilities to monitor control physical systems. Even though this integration improves the performance of overall system facilitates application CPS in several domains, it also introduces security challenges. Over years, intrusion detection (IDS) have been de-ployed as one controls for addressing these Traditionally, there a...

Increasing the popularity of SIP based services (VoIP, IPTV, IMS infrastructure) lead to concerns about its ‎security. The main signaling protocol of next generation networks and VoIP systems is Session Initiation Protocol ‎‎(SIP). Inherent vulnerabilities of SIP, misconfiguration of its related components and also its implementation ‎deficiencies cause some security concerns in SIP based infra...

As the number of attacks on computer systems increases and become more sophisticated, there is an obvious need for intrusion detection systems to be able to effectively recognize the known attacks and adapt to novel threats. The specification-based intrusion detection has been long considered as a promising solution that integrates the characteristics of ideal intrusion detection system: the ac...

wireless sensor networks (wsns) arebecoming increasingly popular, and very useful in militaryapplications and environmental monitoring. however,security is a major challenge for wsns because they areusually setup in unprotected environments. our goal in thisstudy is to simulate an intrusion detection system (ids)that monitors the wsn and report intrusions accurately andeffectively. we have thus...

Intrusion detection is considered to be an effective technique to detect attacks that violate the security policy of systems. There are basically three different kinds of intrusion detection: Anomaly detection, misuse detection and specification-based intrusion detection [MB02]. Specification-based intrusion detection differs from the others by describing the desired functionalities of security...

This thesis presents a specification-based technique for generating, augmenting, and minimizing test suites. The technique is automatic but assumes the existence of a test case generator. The technique dynamically induces specifications from test suite executions. Test suites can be generated by adding cases until the induced specification stops changing. The resulting test suites have better f...