Our Publications
Here you find our publications.
2023
Barbeau, Michel; Garcia-Alfaro, Joaquin; Lübben, Christian; Pahl, Marc-Oliver; Wüstrich, Lars
Resilience via Blackbox Self-Piloting Plants Inproceedings
In: Guernic, Gurvan (Ed.): Proceedings of the 29th Computer & Electronics Security Application Rendezvous co-located with the 7th European Cyber Week (ECW 2022), Rennes, France, November 15-16, 2022., pp. 35–46, CEUR-WS.org, 2023.
@inproceedings{ceur-ws3329barbeau,
title = {Resilience via Blackbox Self-Piloting Plants},
author = {Michel Barbeau and Joaquin Garcia-Alfaro and Christian L\"{u}bben and Marc-Oliver Pahl and Lars W\"{u}strich},
editor = {Gurvan Guernic},
url = {https://ceur-ws.org/Vol-3329/paper-02.pdf},
year = {2023},
date = {2023-01-01},
booktitle = {Proceedings of the 29th Computer \& Electronics Security Application Rendezvous co-located with the 7th European Cyber Week (ECW 2022), Rennes, France, November 15-16, 2022.},
volume = {3329},
pages = {35--46},
publisher = {CEUR-WS.org},
series = {CEUR Workshop Proceedings},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
2022
Lavaur, Léo; Costé, Benjamin; Pahl, Marc-Oliver; Busnel, Yann; Autrel, Fabien
Federated Learning as enabler for Collaborative Security between not Fully-Trusting Distributed Parties Inproceedings
In: C&ESAR 2022 - 29th Computer & Electronics Security Application Rendezvous, pp. 1-16, Rennes, France, 2022.
Links | BibTeX | Tags: Federated learning ; cybersecurity ; intrusion detection ; distributed trust
@inproceedings{lavaur:hal-03831515,
title = {Federated Learning as enabler for Collaborative Security between not Fully-Trusting Distributed Parties},
author = {L\'{e}o Lavaur and Benjamin Cost\'{e} and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
url = {https://imt-atlantique.hal.science/hal-03831515},
year = {2022},
date = {2022-11-01},
booktitle = {C\&ESAR 2022 - 29th Computer \& Electronics Security Application Rendezvous},
pages = {1-16},
address = {Rennes, France},
keywords = {Federated learning ; cybersecurity ; intrusion detection ; distributed trust},
pubstate = {published},
tppubtype = {inproceedings}
}
Chaitou, Hassan; Robert, Thomas; Leneutre, Jean; Pautet, Laurent
Threats to adversarial training for IDSs and mitigation Inproceedings
In: Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal, 2022, ISSN: 2184-7711.
BibTeX | Tags:
@inproceedings{chaitou2022secrypt,
title = {Threats to adversarial training for IDSs and mitigation},
author = {Hassan Chaitou and Thomas Robert and Jean Leneutre and Laurent Pautet},
issn = {2184-7711},
year = {2022},
date = {2022-07-01},
booktitle = {Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Houssein-Meraneh, Awaleh; Clavier, Christophe; Le-Bouder, Hélène; Maillard, Julien; Thomas, Gaëlle
Blind Side Channel On The Elephant LFSR Inproceedings
In: Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal, 2022, ISSN: 2184-7711.
BibTeX | Tags:
@inproceedings{meraneh2022secrypt,
title = {Blind Side Channel On The Elephant LFSR},
author = {Awaleh Houssein-Meraneh and Christophe Clavier and H\'{e}l\`{e}ne Le-Bouder and Julien Maillard and Ga\"{e}lle Thomas},
issn = {2184-7711},
year = {2022},
date = {2022-07-01},
urldate = {2022-07-01},
booktitle = {Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Segovia, Mariana; Rubio-Hernan, Jose; Cavalli, Ana; Garcia-Alfaro, Joaquin
Switched-based Control Testbed to Assure Cyber-physical Resilience by Design Inproceedings
In: Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal, 2022, ISSN: 2184-7711.
BibTeX | Tags:
@inproceedings{segovia2022secrypt,
title = {Switched-based Control Testbed to Assure Cyber-physical Resilience by Design},
author = {Mariana Segovia and Jose Rubio-Hernan and Ana Cavalli and Joaquin Garcia-Alfaro},
issn = {2184-7711},
year = {2022},
date = {2022-07-01},
booktitle = {Proceedings of the 19th International Conference on Security and Cryptography (Secrypt 2022), Lisbon, Portugal},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Lavaur, Leo; Pahl, Marc-Oliver; Busnel, Yann; Autrel, Fabien
The Evolution of Federated Learning-based Intrusion Detection and Mitigation: a Survey Journal Article
In: IEEE Transactions on Network and Service Management, 2022.
Abstract | Links | BibTeX | Tags:
@article{Lavaur2022.tnsm,
title = {The Evolution of Federated Learning-based Intrusion Detection and Mitigation: a Survey},
author = {Leo Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
url = {https://ieeexplore.ieee.org/document/9780571},
doi = {10.1109/TNSM.2022.3177512},
year = {2022},
date = {2022-05-24},
urldate = {2022-05-24},
journal = {IEEE Transactions on Network and Service Management},
publisher = {IEEE},
series = {Special Issue on Network Security Management},
abstract = {In 2016, Google introduced the concept of Federated Learning (FL), enabling collaborative Machine Learning (ML). FL does not share local data but ML models, offering applications in diverse domains. This paper focuses on the application of FL to Intrusion Detection Systems (IDSs). There, common criteria to compare existing solutions are missing. In particular, this survey shows: (i) how FL-based IDSs are used in different domains; (ii) what differences exist between architectures; (iii) the state of the art of FL-based IDS.
With a structured literature survey, this work identifies the relevant state of the art in FL\textendashbased intrusion detection from its creation in 2016 until 2021. It provides a reference architecture and a taxonomy to serve as guidelines to compare and design FL- based IDSs. Both are validated with the existing works. Finally, it identifies research directions for the application of FL to intrusion detection systems.},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
With a structured literature survey, this work identifies the relevant state of the art in FL–based intrusion detection from its creation in 2016 until 2021. It provides a reference architecture and a taxonomy to serve as guidelines to compare and design FL- based IDSs. Both are validated with the existing works. Finally, it identifies research directions for the application of FL to intrusion detection systems.
Lübben, Christian; Pahl, Marc-Oliver
Autonomous convergence mechanisms for collaborative crowd-sourced data-modeling Inproceedings
In: NOMS 2022 - Full and short papers (), 2022.
Abstract | Links | BibTeX | Tags: Internet of Things (IoT); Data service management; IT service management; Distributed management
@inproceedings{221053,
title = {Autonomous convergence mechanisms for collaborative crowd-sourced data-modeling},
author = {Christian L\"{u}bben and Marc-Oliver Pahl},
url = {http://XXXXX/221053.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 - Full and short papers ()},
abstract = {Interoperability remains a central challenge of the Internet of Things (IoT). Standardized data representation can solve this problem. Data model convergence prevents redundancy and fosters reuse. The growth of the IoT demands a high number of data models. Collaborative approaches allow the creation of numerous data models. The question to investigate is: Can assisted distributed model creation improve model convergence? This paper presents an approach to unify IoT data models during creation. It analyzes existing models to find similarities to a new model candidate. Similar models shall be reused or extended to prevent information redundancy. Challenges are the accuracy of the similarity analysis and scalability. The evaluation shows linear scalability and high accuracy using a data set containing 1200 automatically converted data models from today's most relevant IoT data modeling initiatives: Project Haystack, IoTSchema, and BrickSchema.},
keywords = {Internet of Things (IoT); Data service management; IT service management; Distributed management},
pubstate = {published},
tppubtype = {inproceedings}
}
Smine, Manel; Espes, David; Pahl, Marc-Oliver
Optimal Access Control Deployment in Network Function Virtualization Inproceedings
In: NOMS 2022 - Full and short papers (), 2022.
Abstract | Links | BibTeX | Tags: Accounting, Configuration, Network virtualization; FCAPS: Fault, Performance and Security Management; Cybersystems, Security and Reliability in Network Softwarization and Management; Network security; Policybased management
@inproceedings{220803,
title = {Optimal Access Control Deployment in Network Function Virtualization},
author = {Manel Smine and David Espes and Marc-Oliver Pahl},
url = {http://XXXXX/220803.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 - Full and short papers ()},
abstract = {Network function virtualization (NFV) yields numerous advantages, specifically the ability to provide a cost-efficient alternative to hardware-based functionalities on software platforms to break the vendor lock-in problem. However, these advantages come at the cost of several security issues. These threats can be leveraged by controlling the information that flows between the different components that compose NFV services. We propose an approach allowing an optimal deployment of access control policies on NFV services. The proposed approach allows to find the best possible trade-offs between the impact in terms of latency resulting from the deployment of the access control policy and the used resources. In contrast to existing approaches, our solution prevents an insider adversary who compromises one or more unknown VNF(s) to go around the access control policy. We experimentally evaluate the return solutions according to the size of the NFV service, the size of the policy to be deployed and the number of physical servers that host the VNF service.},
keywords = {Accounting, Configuration, Network virtualization; FCAPS: Fault, Performance and Security Management; Cybersystems, Security and Reliability in Network Softwarization and Management; Network security; Policybased management},
pubstate = {published},
tppubtype = {inproceedings}
}
Lübben, Christian; Schäffner, Simon; Pahl, Marc-Oliver
Continuous Microservice Re-Placement in the IoT Inproceedings
In: NOMS 2022 Workshops - Manage-IoT 2022 (), 2022.
Abstract | Links | BibTeX | Tags: Internet of Things (IoT)
@inproceedings{222206,
title = {Continuous Microservice Re-Placement in the IoT},
author = {Christian L\"{u}bben and Simon Sch\"{a}ffner and Marc-Oliver Pahl},
url = {http://XXXXX/222206.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 Workshops - Manage-IoT 2022 ()},
abstract = {The Internet of Things (IoT) consists of constraint devices. There is a continuous increase in processing power and a recent trend towards microservice architectures. Both make it possible to place IoT microservices on the distributed edge nodes of an IoT site. The identification of a suitable placement of services creates an open challenge. The IoT sets special demands due to its heterogeneous, and often constraint resources. This paper presents a service placement strategy that is adapted to the IoT. It assesses the differences between the IoT and previous service placement problem domains. The results show that the presented service placement strategy outperforms existing ones from other domains. This particularly holds for the optimization of the overall system performance.},
keywords = {Internet of Things (IoT)},
pubstate = {published},
tppubtype = {inproceedings}
}
Dimov, Valentin; Kirdan, Erkin; Pahl, Marc-Oliver
Resource tradeoffs for TLS-secured MQTT-based IoT Management Inproceedings
In: NOMS 2022 Workshops - Manage-IoT 2022 (), 2022.
Abstract | Links | BibTeX | Tags: Case Studies, Testbeds and Practical Experiences; Internet of Things (IoT); Applications and case studies; Sensor networks
@inproceedings{222179,
title = {Resource tradeoffs for TLS-secured MQTT-based IoT Management},
author = {Valentin Dimov and Erkin Kirdan and Marc-Oliver Pahl},
url = {http://XXXXX/222179.pdf},
year = {2022},
date = {2022-04-01},
booktitle = {NOMS 2022 Workshops - Manage-IoT 2022 ()},
abstract = {Transport Layer Security (TLS) is an established Internet security standard. TLS offers a variety of configuration options that affect resource consumption. For deployments of constrained devices in the Internet of Things (IoT), it is crucial to optimize TLSs resource consumption. This study examines how the TLS cryptographic algorithms, so-called cipher suites, affect an MQTT applications resource consumption. MQTT is a popular protocol for IoT. We construct a model application using the Mosquitto MQTT broker and client library. We measure the consumption of CPU cycles, memory, and network bandwidth with the IANA-recommended TLS 1.2 and TLS 1.3 cipher suites. We test and compare different variants for the key exchange, server authentication, client authentication, and symmetric encryption algorithms, as well as recommended elliptic curves for elliptic curve cryptography (ECC) algorithms. We identify ECDHE key exchange with the x25519 curve and mutual PSK authentication as the best handshake performance. Ed25519 provides the best performance among the certificate authentication options. The effect of choosing a faster symmetric cipher on CPU costs depends on message size. Changing symmetric ciphers does not affect the performance for 100 B messages, but more differences are observed for 10 kB messages. Overall, the findings show that resource consumption can be optimized by choosing the cipher suite and adjusting the length and rate of MQTT messages. Optimized resource consumption enables reliable management of MQTT-based IoT.},
keywords = {Case Studies, Testbeds and Practical Experiences; Internet of Things (IoT); Applications and case studies; Sensor networks},
pubstate = {published},
tppubtype = {inproceedings}
}
Segovia, Mariana; Garcia-Alfaro, Joaquin; Kranakis,
Design, Modeling and Implementation of Digital Twins Journal Article
In: Sensors, vol. 22, no. 14, pp. 5396, 2022.
@article{segovia2022,
title = {Design, Modeling and Implementation of Digital Twins},
author = {Mariana Segovia and Joaquin Garcia-Alfaro and Kranakis},
url = {https://doi.org/10.3390/s22145396},
year = {2022},
date = {2022-01-01},
journal = {Sensors},
volume = {22},
number = {14},
pages = {5396},
publisher = {Multidisciplinary Digital Publishing Institute},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
2021
Kabil, Alexandre; Duval, Thierry; Pahl, Marc-Oliver
Training and Data Analysis use cases for Cybersecurity through Mixed Reality Applications Workshop
2021.
@workshop{KabilVR4Sec21,
title = {Training and Data Analysis use cases for Cybersecurity through Mixed Reality Applications},
author = {Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-08-06},
urldate = {2021-08-06},
abstract = {In this paper, we will discuss our point of view of the use of
Mixed Environments for Cybersecurity, especially for training
and data analysis purposes. We will argue that Collaborative
Mixed Environments could merge training and analysis approaches by providing users several points of view on cyber
situations.},
howpublished = {VR4Sec: 1st International Workshop on Security for XR and XR for Security},
keywords = {},
pubstate = {published},
tppubtype = {workshop}
}
Mixed Environments for Cybersecurity, especially for training
and data analysis purposes. We will argue that Collaborative
Mixed Environments could merge training and analysis approaches by providing users several points of view on cyber
situations.
Delcombel, Nicolas; Kabil, Alexandre; Duval, Thierry; Pahl, Marc-Oliver
CyberCopter: a 3D helical visualisation for periodic signals of cyber attacks Workshop
2021.
Abstract | BibTeX | Tags: Cybersecurity, Security, Virtual reality, Visual analytics, Visualization, Visualization application domains
@workshop{Delcombel2021,
title = {CyberCopter: a 3D helical visualisation for periodic signals of cyber attacks},
author = {Nicolas Delcombel and Alexandre Kabil and Thierry Duval and Marc-Oliver Pahl},
year = {2021},
date = {2021-08-06},
urldate = {2021-08-06},
abstract = {this paper aims to asses the usefulness of 3D interactive interfaces to display periodic signals in a network. Past research has shown that 2D data visualization simplifies alerts classification. Including those drawn by periodicity based Intrusion Detection Systems. However, 2D visualisations have limitations such as screen space availability. This is why we created CyberCopter, a prototype that uses a 3D helical representation
to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability},
howpublished = {VR4Sec: 1st International Workshop on Security for XR and XR for Security},
keywords = {Cybersecurity, Security, Virtual reality, Visual analytics, Visualization, Visualization application domains},
pubstate = {published},
tppubtype = {workshop}
}
to highlight periodic patterns in a dataset. We tested CyberCopter usability and efficiency in a fraud detection scenario. It scored 77 at the SUS questionnaire which demonstrates an acceptable usability
Lavaur, Leo; Pahl, Marc-Oliver; Busnel, Yann; Autrel, Fabien
Federated Security Approaches for IT and OT Inproceedings
In: pp. 2, 2021.
@inproceedings{Lavaur2021.gtsslr,
title = {Federated Security Approaches for IT and OT},
author = {Leo Lavaur and Marc-Oliver Pahl and Yann Busnel and Fabien Autrel},
year = {2021},
date = {2021-05-11},
urldate = {2021-05-11},
pages = {2},
abstract = {The Internet of Things has begun to spread over a variety of domains, including industry and finance. It represents an increasing threat for both IT and OT. The lack of collaboration results in the same attacks targeting different organizations one after the other. Often employed as an answer to this problem, cyber threat-intelligence sharing induces its own set of challenges: trust, privacy, and traceability.},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Wuestrich, Lars; Schröder, Lukas; Pahl, Marc-Oliver
Cyber-Physical Anomaly Detection for ICS Inproceedings
In: IFIP/IEEE International Symposium on Integrated Network Management co-located with IM, 2021.
Abstract | Links | BibTeX | Tags: and Dependability, Data and device security, Other aspects relevant to manage IoT systems., resilience, Security and Privacy, Survivability, Validation and Verification of data and functional
@inproceedings{213227,
title = {Cyber-Physical Anomaly Detection for ICS},
author = {Lars Wuestrich and Lukas Schr\"{o}der and Marc-Oliver Pahl},
url = {http://xxxxx/213227.pdf},
year = {2021},
date = {2021-05-01},
booktitle = {IFIP/IEEE International Symposium on Integrated Network Management co-located with IM},
abstract = {Industrial Control Systems (ICS) are complex systems made up of many components with different tasks. For a safe and secure operation, each device needs to carry out its tasks correctly. To monitor a system and ensure the correct behavior of systems anomaly detection systems are used. Models of expected behavior often rely only on cyber or physical features for anomaly detection. We propose an anomaly detection system that combines both types of features to create a dynamic fingerprint of an ICS. We present how such a system can be designed and which challenges need to be overcome for a successful implementation.},
keywords = {and Dependability, Data and device security, Other aspects relevant to manage IoT systems., resilience, Security and Privacy, Survivability, Validation and Verification of data and functional},
pubstate = {published},
tppubtype = {inproceedings}
}
Paiho, Satu; Kiljander, Jussi; Sarala, Roope; Siikavirta, Hanne; Kilkki, Olli; Bajpai, Arpit; Duchon, Markus; Pahl, Marc-Oliver; Wüstrich, Lars; Lübben, Christian; others,
Towards cross-commodity energy-sharing communities ---A review of the market, regulatory, and technical situation Journal Article
In: Renewable and Sustainable Energy Reviews, vol. 151, pp. 111568, 2021.
BibTeX | Tags:
@article{paiho2021towards,
title = {Towards cross-commodity energy-sharing communities ---A review of the market, regulatory, and technical situation},
author = {Satu Paiho and Jussi Kiljander and Roope Sarala and Hanne Siikavirta and Olli Kilkki and Arpit Bajpai and Markus Duchon and Marc-Oliver Pahl and Lars W\"{u}strich and Christian L\"{u}bben and others},
year = {2021},
date = {2021-01-01},
journal = {Renewable and Sustainable Energy Reviews},
volume = {151},
pages = {111568},
publisher = {Pergamon},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Navas, Renzo E; Cuppens, Frédéric; Cuppens, Nora Boulahia; Toutain, Laurent; Papadopoulos, Georgios Z
Physical resilience to insider attacks in IoT networks: Independent cryptographically secure sequences for DSSS anti-jamming Journal Article
In: Computer Networks, vol. 187, pp. 107751, 2021.
BibTeX | Tags:
@article{navas2021physical,
title = {Physical resilience to insider attacks in IoT networks: Independent cryptographically secure sequences for DSSS anti-jamming},
author = {Renzo E Navas and Fr\'{e}d\'{e}ric Cuppens and Nora Boulahia Cuppens and Laurent Toutain and Georgios Z Papadopoulos},
year = {2021},
date = {2021-01-01},
journal = {Computer Networks},
volume = {187},
pages = {107751},
publisher = {Elsevier},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Dernaika, Farah; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Raynaud, Olivier
A Posteriori Analysis of Policy Temporal Compliance Inproceedings
In: Risks and Security of Internet and Systems: 15th International Conference, CRiSIS 2020, Paris, France, November 4--6, 2020, Revised Selected Papers 15, pp. 133–148, Springer International Publishing 2021.
BibTeX | Tags:
@inproceedings{dernaika2021posteriori,
title = {A Posteriori Analysis of Policy Temporal Compliance},
author = {Farah Dernaika and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Olivier Raynaud},
year = {2021},
date = {2021-01-01},
booktitle = {Risks and Security of Internet and Systems: 15th International Conference, CRiSIS 2020, Paris, France, November 4--6, 2020, Revised Selected Papers 15},
pages = {133--148},
organization = {Springer International Publishing},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Navas, Renzo E; Cuppens, Frederic; Cuppens, Nora Boulahia; Toutain, Laurent; Papadopoulos, Georgios Z
MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT Journal Article
In: IEEE Internet of Things Journal, vol. 8, no. 10, pp. 7818–7832, 2021, ISSN: 23274662.
Abstract | Links | BibTeX | Tags: Cyber security, entropy, Internet of Things (IoT), metrics, moving target defense (MTD), Systematic literature review
@article{Navas2021,
title = {MTD, Where Art Thou? A Systematic Review of Moving Target Defense Techniques for IoT},
author = {Renzo E Navas and Frederic Cuppens and Nora Boulahia Cuppens and Laurent Toutain and Georgios Z Papadopoulos},
doi = {10.1109/JIOT.2020.3040358},
issn = {23274662},
year = {2021},
date = {2021-01-01},
journal = {IEEE Internet of Things Journal},
volume = {8},
number = {10},
pages = {7818--7832},
abstract = {Context: Internet-of-Things (IoT) systems are increasingly deployed in the real world, but their security lags behind the state of the art of non-IoT systems. Moving target defense (MTD) is a cyberdefense paradigm, successfully implemented in conventional systems, that could improve IoT security. Objective: Identify and synthesize existing MTD techniques for IoT and validate the feasibility of MTD as a cybersecurity paradigm suitable for IoT systems. Method: We use a systematic literature review method to search and analyze existing MTD for IoT techniques up to July 2020. We evaluated the existing techniques in terms of security foundations and real-world deployability using the evidence they provide. We define and use entropy-related metrics to categorize them. This is the first MTD survey to use Shannon's entropy metric empirically. Results: Thirty-two distinct MTD for IoT techniques exist: 54% are Network-layer-based, 50% present strong evidence about their real-world deployment, and 64% have weak security foundations. Conclusion: MTD for IoT is a feasible cyberdefense approach. A variety of proposals exist, with evidence about their implementation and evaluation. Nevertheless, the MTD for IoT state of the art is still immature: the security foundations of most existing proposals are weak. Novel techniques should prioritize providing convincing security foundations and real-world deployment evidence.},
keywords = {Cyber security, entropy, Internet of Things (IoT), metrics, moving target defense (MTD), Systematic literature review},
pubstate = {published},
tppubtype = {article}
}
Kilger, Fabian; Kabil, Alexandre; Tippmann, Volker; Klinker, Gudrun; Pahl, Marc-Oliver
Detecting and Preventing Faked Mixed Reality Inproceedings
In: 2021 IEEE 4th International Conference on Multimedia Information Processing and Retrieval (MIPR), pp. 399-405, 2021.
@inproceedings{9565553,
title = {Detecting and Preventing Faked Mixed Reality},
author = {Fabian Kilger and Alexandre Kabil and Volker Tippmann and Gudrun Klinker and Marc-Oliver Pahl},
doi = {10.1109/MIPR51284.2021.00074},
year = {2021},
date = {2021-01-01},
booktitle = {2021 IEEE 4th International Conference on Multimedia Information Processing and Retrieval (MIPR)},
pages = {399-405},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Bender, Melvin; Kirdan, Erkin; Pahl, Marc-Oliver; Carle, Georg
Open-Source MQTT Evaluation Inproceedings
In: 2021 IEEE 18th Annual Consumer Communications & Networking Conference (CCNC), pp. 1–4, IEEE 2021.
BibTeX | Tags:
@inproceedings{bender2021open,
title = {Open-Source MQTT Evaluation},
author = {Melvin Bender and Erkin Kirdan and Marc-Oliver Pahl and Georg Carle},
year = {2021},
date = {2021-01-01},
booktitle = {2021 IEEE 18th Annual Consumer Communications \& Networking Conference (CCNC)},
pages = {1--4},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Smine, Manel; Espes, David; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Pahl, Marc-Oliver
A Priority-Based Domain Type Enforcement for Exception Management Inproceedings
In: Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1--3, 2020, Revised Selected Papers, pp. 65, Springer Nature 2021.
BibTeX | Tags:
@inproceedings{pahl2021priority,
title = {A Priority-Based Domain Type Enforcement for Exception Management},
author = {Manel Smine and David Espes and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Marc-Oliver Pahl},
year = {2021},
date = {2021-01-01},
booktitle = {Foundations and Practice of Security: 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1--3, 2020, Revised Selected Papers},
volume = {12637},
pages = {65},
organization = {Springer Nature},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Mühlbauer, Nikolas; Kirdan, Erkin; Pahl, Marc-Oliver; Waedt, Karl
Feature-based Comparison of Open Source OPC-UA Implementations Journal Article
In: INFORMATIK 2020, 2021.
BibTeX | Tags:
@article{muhlbauer2021feature,
title = {Feature-based Comparison of Open Source OPC-UA Implementations},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc-Oliver Pahl and Karl Waedt},
year = {2021},
date = {2021-01-01},
journal = {INFORMATIK 2020},
publisher = {Gesellschaft f\"{u}r Informatik, Bonn},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Pahl, Marc-Oliver; Bauer, Florian; Lüubben, Christian
Pipeline for Crowdsourced IoT Data-Modeling with AI-Supported Convergence Inproceedings
In: 2021 IFIP/IEEE International Symposium on Integrated Network Management (IM), pp. 702–706, IEEE 2021.
BibTeX | Tags:
@inproceedings{pahl2021pipeline,
title = {Pipeline for Crowdsourced IoT Data-Modeling with AI-Supported Convergence},
author = {Marc-Oliver Pahl and Florian Bauer and Christian L\"{u}ubben},
year = {2021},
date = {2021-01-01},
booktitle = {2021 IFIP/IEEE International Symposium on Integrated Network Management (IM)},
pages = {702--706},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Barbeau, Michel; Cuppens, Frédéric; Cuppens, Nora; Dagnas, Romain; Garcia-Alfaro, Joaquin
Metrics to enhance the resilience of cyber-physical systems Inproceedings
In: 2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), pp. 1167–1172, IEEE 2021.
@inproceedings{barbeau2021metrics,
title = {Metrics to enhance the resilience of cyber-physical systems},
author = {Michel Barbeau and Fr\'{e}d\'{e}ric Cuppens and Nora Cuppens and Romain Dagnas and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1109/TrustCom50675.2020.00156},
doi = {10.1109/TrustCom50675.2020.00156},
year = {2021},
date = {2021-01-01},
booktitle = {2020 IEEE 19th International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom)},
pages = {1167--1172},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Garcia-Alfaro, Joaquin; Leneutre, Jean; Cuppens, Nora; Yaich, Reda
Springer, 2021.
@book{lncs12528,
title = {Risks and Security of Internet and Systems, 15th International Conference, CRiSIS 2020, Paris, France, November 4--6, 2020, Revised Selected Papers},
author = {Joaquin Garcia-Alfaro and Jean Leneutre and Nora Cuppens and Reda Yaich},
url = {https://doi.org/10.1007/978-3-030-68887-5},
doi = {10.1007/978-3-030-68887-5},
year = {2021},
date = {2021-01-01},
publisher = {Springer},
series = {LNCS 12528},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Barbeau, Michel; Cuppens, Frédéric; Cuppens, Nora; Dagnas, Romain; Garcia-Alfaro, Joaquin
Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics Journal Article
In: IEEE Access, vol. 9, pp. 46462–46475, 2021.
@article{barbeau2021resilience,
title = {Resilience Estimation of Cyber-Physical Systems via Quantitative Metrics},
author = {Michel Barbeau and Fr\'{e}d\'{e}ric Cuppens and Nora Cuppens and Romain Dagnas and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1109/ACCESS.2021.3066108},
doi = {10.1109/ACCESS.2021.3066108},
year = {2021},
date = {2021-01-01},
journal = {IEEE Access},
volume = {9},
pages = {46462--46475},
publisher = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Nicolescu, Gabriela; Tria, Assia; Fernandez, Jose M.; Marion, Jean-Yves; Garcia-Alfaro, Joaquin
Springer, 2021.
@book{lncs12637,
title = {Foundations and Practice of Security, 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1--3, 2020, Revised Selected Papers},
author = {Gabriela Nicolescu and Assia Tria and Jose M. Fernandez and Jean-Yves Marion and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-70881-8},
doi = {10.1007/978-3-030-70881-8},
year = {2021},
date = {2021-01-01},
publisher = {Springer},
series = {LNCS 12637},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
2020
Segovia, Mariana; Rubio-Hernan, Jose; Cavalli, Ana R; Garcia-Alfaro, Joaquin
Switched-based Resilient Control of Cyber-Physical Systems Journal Article
In: IEEE Access, 2020.
@article{segovia2020switched,
title = {Switched-based Resilient Control of Cyber-Physical Systems},
author = {Mariana Segovia and Jose Rubio-Hernan and Ana R Cavalli and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1109/ACCESS.2020.3039879},
doi = {10.1109/ACCESS.2020.3039879},
year = {2020},
date = {2020-11-01},
journal = {IEEE Access},
publisher = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Bourget, Edwin; Cuppens, Frédéric; Cuppens-Boulahia, Nora
PROS2E, a Probabilistic Representation of Safety and Security Events for Diagnosis Inproceedings
In: Proceedings of the 6th ACM on Cyber-Physical System Security Workshop, pp. 30–41, ACM, New York, NY, USA, 2020, ISBN: 9781450376082.
Abstract | Links | BibTeX | Tags: countermeasures, Cyber-Physical Systems, diagnosis, event model, industrial systems, safety, Security
@inproceedings{Bourget2020b,
title = {PROS2E, a Probabilistic Representation of Safety and Security Events for Diagnosis},
author = {Edwin Bourget and Fr\'{e}d\'{e}ric Cuppens and Nora Cuppens-Boulahia},
url = {https://dl.acm.org/doi/10.1145/3384941.3409590},
doi = {10.1145/3384941.3409590},
isbn = {9781450376082},
year = {2020},
date = {2020-10-01},
booktitle = {Proceedings of the 6th ACM on Cyber-Physical System Security Workshop},
pages = {30--41},
publisher = {ACM},
address = {New York, NY, USA},
abstract = {The recent and increasing interconnection of industrial systems with information technologies creates a new paradigm in which new challenges arise. Being able to provide an explanation when accidents and attacks strike the system is one of them. This article presents an event model designed to provide useful and relevant information for diagnosis of safety and security events. We provide a means for system experts to model elementary events that are automatically recombined in complex and complete scenarios. We specifically focus on the ability to represent countermeasures and sequences of events, recurrent problems in the literature. We also introduce a means to precisely measure the wear of components, an important feature for the model to obtain accurate values. We showcase the use of our model for diagnosis purposes on a cyber-physical system testbed.},
keywords = {countermeasures, Cyber-Physical Systems, diagnosis, event model, industrial systems, safety, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Benzekri, Abdelmalek; Barbeau, Michel; Gong, Guang; Laborde, Romain; Garcia-Alfaro, Joaquin
Foundations and Practice of Security Book
Springer, 2020.
@book{lncs12056,
title = {Foundations and Practice of Security},
author = {Abdelmalek Benzekri and Michel Barbeau and Guang Gong and Romain Laborde and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-45371-8},
doi = {10.1007/978-3-030-45371-8},
year = {2020},
date = {2020-04-01},
publisher = {Springer},
series = {LNCS 12056},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Segovia, Mariana; Cavalli, Ana; Cuppens, Nora; Rubio-Hernan, Jose; Garcia-Alfaro, Joaquin
Reflective Attenuation of Cyber-Physical Attacks Inproceedings
In: 5th Workshop on the Security of Industrial Control Systems & of Cyber-Physical Systems (CyberICPS 2019), 24th European Symposium on Research in Computer Security (ESORICS 2019), vol 11980, pp. 19–34, Springer, 2020.
@inproceedings{segovia2019cybericps,
title = {Reflective Attenuation of Cyber-Physical Attacks},
author = {Mariana Segovia and Ana Cavalli and Nora Cuppens and Jose Rubio-Hernan and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-42048-2_2},
doi = {10.1007/978-3-030-42048-2_2},
year = {2020},
date = {2020-02-01},
booktitle = {5th Workshop on the Security of Industrial Control Systems \& of Cyber-Physical Systems (CyberICPS 2019), 24th European Symposium on Research in Computer Security (ESORICS 2019), vol 11980},
pages = {19--34},
publisher = {Springer},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Katsikas, Sokratis; Cuppens, Frederic; Cuppens, Nora; Lambrinoudakis, Costas; Kalloniatis, Christos; Mylopoulos, John; Anton, Annie; Gritzalis, Stefanos; Pallas, Frank; Pohle, Jorg; Sasse, Angela; Meng, Weizhi; Furnell, Steven; Garcia-Alfaro, Joaquin
Springer, 2020.
@book{lncs11980,
title = {Computer Security, ESORICS 2019 International Workshops, CyberICPS, SECPRE, SPOSE, and ADIoT, Luxembourg City, Luxembourg, September 26--27, 2019 Revised Selected Papers},
author = {Sokratis Katsikas and Frederic Cuppens and Nora Cuppens and Costas Lambrinoudakis and Christos Kalloniatis and John Mylopoulos and Annie Anton and Stefanos Gritzalis and Frank Pallas and Jorg Pohle and Angela Sasse and Weizhi Meng and Steven Furnell and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-42048-2},
doi = {10.1007/978-3-030-42048-2},
year = {2020},
date = {2020-02-01},
publisher = {Springer},
series = {LNCS 11980},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Fournaris, Apostolos; Athanatos, Manos; Lampropoulos, Konstantinos; Ioannidis, Sotiris; Hatzivasilis, George; Damiani, Ernesto; Abie, Habtamu; Ranise, Silvio; Verderame, Luca; Siena, Alberto; Garcia-Alfaro, Joaquin
Springer, 2020.
@book{lncs11981,
title = {Computer Security, ESORICS 2019 International Workshops, IOSec, MSTEC, and FINSEC, Luxembourg City, Luxembourg, September 26--27, 2019, Revised Selected Papers},
author = {Apostolos Fournaris and Manos Athanatos and Konstantinos Lampropoulos and Sotiris Ioannidis and George Hatzivasilis and Ernesto Damiani and Habtamu Abie and Silvio Ranise and Luca Verderame and Alberto Siena and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-42051-2},
doi = {10.1007/978-3-030-42051-2},
year = {2020},
date = {2020-02-01},
publisher = {Springer},
series = {LNCS 11981},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Pahl, Marc-Oliver
iLab@ Home: Hands-On Networking Classes without Lab Access Inproceedings
In: Sigcomm 2020 Education, 2020.
BibTeX | Tags:
@inproceedings{pahl2020ilab,
title = {iLab@ Home: Hands-On Networking Classes without Lab Access},
author = {Marc-Oliver Pahl},
year = {2020},
date = {2020-01-01},
booktitle = {Sigcomm 2020 Education},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Dernaika, Farah; Cuppens-Boulahia, Nora; Cuppens, Frédéric; Raynaud, Olivier
Accountability in the A Posteriori Access Control: A Requirement and a Mechanism Inproceedings
In: International Conference on the Quality of Information and Communications Technology, pp. 332–342, Springer 2020.
BibTeX | Tags:
@inproceedings{dernaika2020accountability,
title = {Accountability in the A Posteriori Access Control: A Requirement and a Mechanism},
author = {Farah Dernaika and Nora Cuppens-Boulahia and Fr\'{e}d\'{e}ric Cuppens and Olivier Raynaud},
year = {2020},
date = {2020-01-01},
booktitle = {International Conference on the Quality of Information and Communications Technology},
pages = {332--342},
organization = {Springer},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Pahl, Marc-Oliver; Kabil, Alexandre; Bourget, Edwin; Gay, Matthieu; Brun, Paul-Emmanuel
A Mixed-Interaction Critical Infrastructure Honeypot Journal Article
In: European Cyber Week CAESAR, 2020, Rennes, France, 2020.
BibTeX | Tags:
@article{Pahl2020,
title = {A Mixed-Interaction Critical Infrastructure Honeypot},
author = {Marc-Oliver Pahl and Alexandre Kabil and Edwin Bourget and Matthieu Gay and Paul-Emmanuel Brun},
year = {2020},
date = {2020-01-01},
journal = {European Cyber Week CAESAR, 2020, Rennes, France},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Piccoli, Alessandro; Pahl, Marc-Oliver; Fries, Steffen; Sel, Tolga
Ensuring Consistency for Asynchronous Group-Key Management in the Industrial IoT Inproceedings
In: International Conference on Network and Service Management (CNSM 2020)(CNSM 2020), Izmir, Turkey, 2020.
BibTeX | Tags:
@inproceedings{piccoli2020ensuring,
title = {Ensuring Consistency for Asynchronous Group-Key Management in the Industrial IoT},
author = {Alessandro Piccoli and Marc-Oliver Pahl and Steffen Fries and Tolga Sel},
year = {2020},
date = {2020-01-01},
booktitle = {International Conference on Network and Service Management (CNSM 2020)(CNSM 2020), Izmir, Turkey},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Sharma, Neetu; Sahu, Rajeev Anand; Saraswat, Vishal; Garcia-Alfaro, Joaquin
Anonymous proof-of-asset transactions using designated blind signatures Technical Report
2020.
@techreport{sharma2020anonymousTechRep,
title = {Anonymous proof-of-asset transactions using designated blind signatures},
author = {Neetu Sharma and Rajeev Anand Sahu and Vishal Saraswat and Joaquin Garcia-Alfaro},
url = {https://arxiv.org/pdf/2009.13978},
year = {2020},
date = {2020-01-01},
journal = {arXiv preprint arXiv:2009.13978},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Sharma, Neetu; Sahu, Rajeev Anand; Saraswat, Vishal; Garcia-Alfaro, Joaquin
Anonymous Proof-of-Asset Transactions Using Designated Blind Signatures Inproceedings
In: Foundations and Practice of Security - 13th International Symposium, FPS 2020, Montreal, QC, Canada, December 1-3, 2020, Revised Selected Papers, pp. 137–146, Springer, 2020.
@inproceedings{sharma2020anonymous,
title = {Anonymous Proof-of-Asset Transactions Using Designated Blind Signatures},
author = {Neetu Sharma and Rajeev Anand Sahu and Vishal Saraswat and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1007/978-3-030-70881-8_9},
doi = {10.1007/978-3-030-70881-8_9},
year = {2020},
date = {2020-01-01},
booktitle = {Foundations and Practice of Security - 13th International Symposium,
FPS 2020, Montreal, QC, Canada, December 1-3, 2020, Revised Selected
Papers},
volume = {12637},
pages = {137--146},
publisher = {Springer},
series = {Lecture Notes in Computer Science},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Piccoli, A; Pahl, M-O; Wüstrich, L
Group Key Management in constrained IoT Settings Inproceedings
In: Proceedings - IEEE Symposium on Computers and Communications, 2020, ISSN: 15301346.
Abstract | Links | BibTeX | Tags: autonomous management, constrained nodes, group key management, IoT, reliability, Security
@inproceedings{Piccoli2020,
title = {Group Key Management in constrained IoT Settings},
author = {A Piccoli and M-O Pahl and L W\"{u}strich},
doi = {10.1109/ISCC50000.2020.9219619},
issn = {15301346},
year = {2020},
date = {2020-01-01},
booktitle = {Proceedings - IEEE Symposium on Computers and Communications},
volume = {2020-July},
abstract = {textcopyright 2020 IEEE. The Internet of Things (IoT) enables software to orchestrate physical spaces. Due to the increased impact, IoT communication in factories, households, or critical infrastructures has to be highly secured. Besides point-to-point communication, group communication is frequently used in the IoT. Securing it typically requires the exchange of cryptographic keys. Several protocols have been proposed for such Group Key Management (GKM). They vary in their targeted settings, in their Key Distribution Model, Architecture Model, Reliability Properties, and Protocol Overhead. This paper surveys existing GKM mechanisms, analyzes their suitability for constrained IoT settings, and identifies open issues that require further research.},
keywords = {autonomous management, constrained nodes, group key management, IoT, reliability, Security},
pubstate = {published},
tppubtype = {inproceedings}
}
Segovia, Mariana; Rubio-Hernan, Jose; Cavalli, Ana R; Garcia-Alfaro, Joaquin
Cyber-Resilience Evaluation of Cyber-Physical Systems Inproceedings
In: 2020 IEEE 19th International Symposium on Network Computing and Applications (NCA), pp. 1–8, IEEE 2020.
@inproceedings{segovia2020nca,
title = {Cyber-Resilience Evaluation of Cyber-Physical Systems},
author = {Mariana Segovia and Jose Rubio-Hernan and Ana R Cavalli and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1109/NCA51143.2020.9306741},
doi = {10.1109/NCA51143.2020.9306741},
year = {2020},
date = {2020-01-01},
booktitle = {2020 IEEE 19th International Symposium on Network Computing and Applications (NCA)},
pages = {1--8},
organization = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Segovia, Mariana; Rubio-Hernan, Jose; Cavalli, Ana; Garcia-Alfaro, Joaquin
Cyber-Resilience Evaluation of Cyber-Physical Systems (Technical Report) Technical Report
2020.
@techreport{segovia2020ncaTechRep,
title = {Cyber-Resilience Evaluation of Cyber-Physical Systems (Technical Report)},
author = {Mariana Segovia and Jose Rubio-Hernan and Ana Cavalli and Joaquin Garcia-Alfaro},
url = {https://arxiv.org/abs/2009.06927},
year = {2020},
date = {2020-01-01},
keywords = {},
pubstate = {published},
tppubtype = {techreport}
}
Laborde, Romain; Aitsaadi, Nadjib; Ghernaouti, Solange; Benzekri, Abdelmalek; Garcia-Alfaro, Joaquin
2020 4th Cyber Security in Networking Conference, CSNet 2020 Book
IEEE, 2020, ISBN: 978-1-6654-0458-7.
@book{CSNet2020,
title = {2020 4th Cyber Security in Networking Conference, CSNet 2020},
author = {Romain Laborde and Nadjib Aitsaadi and Solange Ghernaouti and Abdelmalek Benzekri and Joaquin Garcia-Alfaro},
url = {https://doi.org/10.1109/CSNet50428.2020},
doi = {10.1109/CSNet50428.2020},
isbn = {978-1-6654-0458-7},
year = {2020},
date = {2020-01-01},
publisher = {IEEE},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Garcia-Alfaro, Joaquin; Navarro-Arribas, Guillermo; Herrera-Joancomarti, Jordi
Data Privacy Management, Cryptocurrencies and Blockchain Technology Book
Springer, 2020.
@book{lncs12484,
title = {Data Privacy Management, Cryptocurrencies and Blockchain Technology},
author = {Joaquin Garcia-Alfaro and Guillermo Navarro-Arribas and Jordi Herrera-Joancomarti},
url = {https://link.springer.com/book/10.1007/978-3-030-66172-4},
doi = {10.1007/978-3-030-66172-4},
year = {2020},
date = {2020-01-01},
publisher = {Springer},
series = {LNCS 12484},
keywords = {},
pubstate = {published},
tppubtype = {book}
}
Barbeau, Michel; Garcia-Alfaro, Joaquin; Kranakis, Evangelos
Geocaching-Inspired Navigation for Micro Aerial Vehicles with Fallible Place Recognition Inproceedings
In: International Conference on Ad-Hoc Networks and Wireless, pp. 55–70, Springer 2020.
@inproceedings{barbeau2020geocaching,
title = {Geocaching-Inspired Navigation for Micro Aerial Vehicles with Fallible Place Recognition},
author = {Michel Barbeau and Joaquin Garcia-Alfaro and Evangelos Kranakis},
url = {https://doi.org/10.1007/978-3-030-61746-2_5},
doi = {10.1007/978-3-030-61746-2_5},
year = {2020},
date = {2020-01-01},
booktitle = {International Conference on Ad-Hoc Networks and Wireless},
pages = {55--70},
organization = {Springer},
keywords = {},
pubstate = {published},
tppubtype = {inproceedings}
}
Gonzalez-Granadillo, Gustavo; Doynikova, Elena; Garcia-Alfaro, Joaquin; Kotenko, Igor; Fedorchenko, Andrey
Stateful RORI-based countermeasure selection using hypergraphs Journal Article
In: Journal of Information Security and Applications, vol. 54, pp. 102562, 2020.
@article{gonzalez2020stateful,
title = {Stateful RORI-based countermeasure selection using hypergraphs},
author = {Gustavo Gonzalez-Granadillo and Elena Doynikova and Joaquin Garcia-Alfaro and Igor Kotenko and Andrey Fedorchenko},
url = {https://doi.org/10.1016/j.jisa.2020.102562},
doi = {10.1016/j.jisa.2020.102562},
year = {2020},
date = {2020-01-01},
journal = {Journal of Information Security and Applications},
volume = {54},
pages = {102562},
publisher = {Elsevier},
keywords = {},
pubstate = {published},
tppubtype = {article}
}
Mühlbauer, Nikolas; Kirdan, Erkin; Pahl, Marc Oliver; Carle, Georg
Open-Source OPC UA Security and Scalability Journal Article
In: IEEE International Conference on Emerging Technologies and Factory Automation, ETFA, vol. 2020-Septe, pp. 262–269, 2020, ISSN: 19460759.
Abstract | Links | BibTeX | Tags: OPC UA, open-source, scalability, Security
@article{Muhlbauer2020,
title = {Open-Source OPC UA Security and Scalability},
author = {Nikolas M\"{u}hlbauer and Erkin Kirdan and Marc Oliver Pahl and Georg Carle},
doi = {10.1109/ETFA46521.2020.9212091},
issn = {19460759},
year = {2020},
date = {2020-01-01},
journal = {IEEE International Conference on Emerging Technologies and Factory Automation, ETFA},
volume = {2020-Septe},
pages = {262--269},
abstract = {OPC UA is widely adopted for remote-control in industrial environments. It has a central role for industrial control systems as it enables remote management. Compromising OPC UA can lead to compromising entire production facilities. Consequently, OPC UA requires a high level of security. Major commercial OPC UA implementations have compliance certificates ensuring that their security models obey the specification. However, open-source OPC UA implementations that have wide deployment mostly lack these certificates. In this work, we investigate the security models of the four most commonly used open-source implementations: open62541, node-opcua, UA-.NETStandard, and python-opcua. Furthermore, their scalabilities for the number of clients and OPC UA nodes are also analyzed.},
keywords = {OPC UA, open-source, scalability, Security},
pubstate = {published},
tppubtype = {article}
}
Moussaileb, Routa; Cuppens, Nora; Lanet, Jean Louis; Bouder, Hélène Le
Ransomware Network Traffic Analysis for Pre-encryption Alert Journal Article
In: Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 12056 LNCS, pp. 20–38, 2020, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: Machine learning, Network traffic, Ransomware
@article{Moussaileb2020,
title = {Ransomware Network Traffic Analysis for Pre-encryption Alert},
author = {Routa Moussaileb and Nora Cuppens and Jean Louis Lanet and H\'{e}l\`{e}ne Le Bouder},
doi = {10.1007/978-3-030-45371-8_2},
issn = {16113349},
year = {2020},
date = {2020-01-01},
journal = {Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)},
volume = {12056 LNCS},
pages = {20--38},
abstract = {Cyber Security researchers are in an ongoing battle against ransomware attacks. Some exploits begin with social engineering methods to install payloads on victims' computers, followed by a communication with command and control servers for data exchange. To scale down these attacks, scientists should shed light on the danger of those rising intrusions to prevent permanent data loss. To join this arm race against malware, we propose in this paper an analysis of various ransomware families based on the collected system and network logs from a computer. We delve into malicious network traffic generated by these samples to perform a packet level detection. Our goal is to reconstruct ransomware's full activity to check if its network communication is distinguishable from benign traffic. Then, we examine if the first packet sent occurs before data's encryption to alert the administrators or afterwards. We aim to define the first occurrence of the alert raised by malicious network traffic and where it takes place in a ransomware workflow. Logs collected are available at http://serveur2.seres.rennes.telecom-bretagne.eu/data/RansomwareData/.},
keywords = {Machine learning, Network traffic, Ransomware},
pubstate = {published},
tppubtype = {article}
}
Kabil, Alexandre; Duval, Thierry; Cuppens, Nora
Alert characterization by non-expert users in a cybersecurity virtual environment: A usability study Inproceedings
In: Lecture Notes in Computer Science, pp. 82–101, 2020, ISSN: 16113349.
Abstract | Links | BibTeX | Tags: Cyber security, Usability study, Virtual reality
@inproceedings{Kabil2020b,
title = {Alert characterization by non-expert users in a cybersecurity virtual environment: A usability study},
author = {Alexandre Kabil and Thierry Duval and Nora Cuppens},
doi = {10.1007/978-3-030-58465-8_6},
issn = {16113349},
year = {2020},
date = {2020-01-01},
booktitle = {Lecture Notes in Computer Science},
volume = {12242 LNCS},
pages = {82--101},
abstract = {Although cybersecurity is a domain where data analysis and training are considered of the highest importance, few virtual environments for cybersecurity are specifically developed, while they are used efficiently in other domains to tackle these issues. By taking into account cyber analysts' practices and tasks, we have proposed the 3D Cyber Common Operational Picture model (3D CyberCOP), that aims at mediating analysts' activities into a Collaborative Virtual Environment (CVE), in which users can perform alert analysis scenarios. In this article, we present a usability study we have performed with non-expert users. We have proposed three virtual environments (a graph-based, an office-based, and the coupling of the two previous ones) in which users should perform a simplified alert analysis scenario based on the WannaCry ransomware. In these environments, users must switch between three views (alert, cyber and physical ones) which all contain different kinds of data sources. These data have to be used to perform the investigations and to determine if alerts are due to malicious activities or if they are caused by false positives. We have had 30 users, with no prior knowledge in cybersecurity. They have performed very well at the cybersecurity task and they have managed to interact and navigate easily. SUS usability scores were above 70 for the three environments and users have shown a preference towards the coupled environment, which was considered more practical and useful.},
keywords = {Cyber security, Usability study, Virtual reality},
pubstate = {published},
tppubtype = {inproceedings}
}
