To prevent an exploit, the security analyst must implement a suitable countermeasure. In this paper, we consider cost-sensitive attack graphs (CAGs) for network vulnerability analysis. In these attack graphs, a weight is assigned to each countermeasure to represent the cost of its implementation. There may be multiple countermeasures with different weights for preventing a single exploit. Also,...

Recently new types of differential power analysis attacks (DPA) against elliptic curve cryptosystems (ECC) and RSA systems have been introduced. Most existing countermeasures against classical DPA attacks are vulnerable to these new DPA attacks which include refined power analysis attacks (RPA), zero-value point attacks (ZPA), and doubling attacks. The new attacks are different from classical D...

Botnets become widespread in wired and wireless networks, whereas the relevant research is still in the initial stage. In this paper, a survey of botnets is provided. We first discuss fundamental concepts of botnets, including formation and exploitation, lifecycle, and two major kinds of topologies. Several related attacks, detection, tracing, and countermeasures, are then introduced, followed ...

T paper describes a decision tree analysis to assess the cost-effectiveness of MANPADS (Man-Portable Air Defense Systems) countermeasures. These countermeasures are electronic devices that can be installed on commercial airplanes to detect and deflect surface-to-air missiles (SAMs) fired by terrorists. The model considers a terrorist attempt to shoot down a commercial airplane with a heat-seeki...

Private browsing refers to a specialized mode common in current mainstream internet browsers which is designed to leave no traces of browsing activity performed while in the mode. In this paper we examine various internet browsers in order to determine what traces of browsing activity remains in physical memory after using the private browsing modes of each browser. We also analyze some of the ...

At CHES 2006, a DPA countermeasure based on the Fourier Transform was published. This generic countermeasure aims at protecting from DPA any S-box calculation used in symmetric cryptosystems implementations. In this paper, we show that this countermeasure has a flaw and that it can be broken by first order DPA. Moreover, we have successfully put into practice our attack on two different S-box i...

Researchers have demonstrated the ineffectiveness of deterministic countermeasures and emphasized on the use of randomness for protecting cryptosystems against fault attacks. One such countermeasure for AES was proposed in LatinCrypt 2012, which masks the faulty output with secret values. However this countermeasure does not affect the erroneous byte in the faulty computation of the last AES ro...

Horizontal collision correlation analysis (HCCA) imposes a serious threat to simple power analysis resistant elliptic curve cryptosystems involving unified algorithms, for e.g. Edward curve unified formula. This attack can be mounted even in presence of differential power analysis resistant randomization schemes. In this paper we have designed an effective countermeasure for HCCA protection, wh...

Horizontal collision correlation analysis (HCCA) imposes a serious threat to simple power analysis resistant elliptic curve cryptosystems involving unified algorithms, for e.g. Edward curve unified formula. This attack can be mounted even in presence of differential power analysis resistant randomization schemes. In this paper we have designed an effective countermeasure for HCCA protection, wh...

Packet Level Authentication (PLA) is a novel countermeasure against distributed denial-of-service attacks. Each packet sent across a network has a digital signature and public key attached to it, allowing each hop along the route to verify the authenticity of packets. This requires high-speed elliptic curve cryptography (ECC) to improve throughput. In this paper, we present a software solution ...