Existing methods for security risk analysis typically estimate time, cost, or likelihood of success of attack steps. When the threat environment changes, such values have to be updated as well. However, the estimated values reflect both system properties and attacker properties: the time required for an attack step depends on attacker skill as well as the strength of a particular system compone...

In this paper we introduce a formal attacker model for normative multi-agent systems. In this context, an attacker is an agent trying to profit from norm violation, for example because the violation is not detected, it is not being sanctioned, or the sanction is less than the profit of violation. To deliberate about norm violations, an attacker has a self model and a model of the normative mult...

Many high-level functional programming languages are compiled to or interoperate with, low-level languages such as C and assembly. Research into the security of these compilation and interoperation mechanisms often makes use of high-level attacker models to simplify formalisations. In practice, however, the validity of such high-level attacker models is frequently called into question. In this ...

The paper demonstrates how traffic load of a shared packet queue can be exploited as a side channel through which protected information leaks to an off-path attacker. The attacker sends to a victim a sequence of identical spoofed segments. The victim responds to each segment in the sequence (the sequence is reflected by the victim) if the segments satisfy a certain condition tested by the attac...

Denial-of-Service (DoS) and Distributed DoS (DDoS) attacks can cause serious problems in wireless networks due to limited network and host resources. Attacker traceback is a promising solution to take a proper countermeasure near the attack origins, to discourage attackers from launching attacks, and for forensics. However, attacker traceback in Mobile Ad-hoc Networks (MANETs) is a challenging ...

Stackelberg security games (SSGs) are now established as a powerful tool in security domains. In order to compute the optimal strategy for the defender in SSG model, the defender needs to know the attacker’s preferences over targets so that she can predict how the attacker would react under a certain defender strategy. Uncertainty over attacker preferences may cause the defender to suffer large...

A Three-player conflict with bounded controls is considered in this paper. Optimal pursuit-evasion strategy based on differential game with bounded control is derived assuming that the attacker, target and it’s defender have linearized kinematics, arbitrary-order linear adversaries’ dynamics, and perfect information. The obtained strategy is dependent on the zero-effort miss distance of two pur...

This letter addresses a two-player target defense game in an $n$ -dimensional Euclidean space where attacker attempts to enter closed convex set whereas defender strives capture the beforehand. We propose generalized differential game...