Formal analysis for robust anti-SPIT protection using model checking
AbstractAnti-SPIT policies counter the SPam over Internet Telephony (SPIT) by distinguishing bots launching unsolicited bulks of VoIP calls from human beings. We propose an Anti-SPIT Policy Management...
View ArticleInsiders Trapped in the Mirror Reveal Themselves in Social Media
AbstractSocial media have widened society’s opportunities for communication, while they offer ways to perform employees’ screening and profiling. Our goal in this paper is to develop an insider threat...
View ArticleA Qualitative Metrics Vector for the Awareness of Smartphone Security Users
AbstractThe proliferation of smartphones introduced new challenges in the users’ security and privacy. Currently, the literature concentrates mainly on the ‘nuts and bolts’ of their security models....
View ArticleEvaluating the Manageability of Web Browsers Controls
AbstractThe proliferation of smartphones has introduced new challenges in web browsing security. These devices often have limited resources and small size, which may limit the security ‘arsenal’ of...
View ArticleOn Business Logic Vulnerabilities Hunting: The APP_LogGIC Framework
AbstractWhile considerable research effort has been put in the identification of technical vulnerabilities, such as buffer overflows or SQL injections, business logic vulnerabilities have drawn limited...
View ArticleThe Insider Threat in Cloud Computing
AbstractCloud computing is an emerging technology paradigm, enabling and facilitating the dynamic and versatile provision of computational resources and services. Even though the advantages offered by...
View ArticleInterdependencies between Critical Infrastructures: Analyzing the Risk of...
AbstractOne of the most challenging problems, when protecting critical infrastructures, is the identification and assessment of interdependencies. In this paper we examine the possible cumulative...
View ArticleCascading Effects of Common-Cause Failures in Critical Infrastructures
AbstractOne of the most challenging problems in critical infrastructure protection is the assessment and mitigation of cascading failures across infrastructures. In previous research, we have proposed...
View ArticleProbabilistic Model Checking of CAPTCHA Admission Control for DoS Resistant...
AbstractVoice over IP (VoIP) service is expected to play a key role to new ways of communication. It takes advantage of Internet Protocols by using packet networks to transmit voice and multimedia...
View ArticleIn Cloud We Trust: Risk-Assessment-as-a-Service
AbstractCloud computing is an emerging paradigm that allows adoption of on-demand services in a cost-effective way. Migrating services to the Cloud also means been exposed to new threats and...
View ArticleAssessing Privacy Risks in Android: A User-Centric Approach
AbstractThe increasing presence of privacy violating apps in app marketplaces poses a significant privacy risk for smartphone users. Current approaches assessing privacy risk lack user input, assuming...
View ArticleYoutube User and Usage Profiling: Stories of Political Horror and Security...
AbstractSocial media and Web 2.0 have enabled internet users to contribute online content, which may be crawled and utilized for a variety of reasons, from personalized advertising to behaviour...
View ArticleBusiness Process Modeling for Insider Threat Monitoring and Handling
AbstractBusiness process modeling has facilitated modern enterprises to cope with the constant need to increase their productivity, reduce costs and offer competitive products and services. Despite...
View ArticleSmart Home Solutions: Privacy Issues
AbstractSmart home solutions enable access to health-care services to patients by the use of ubiquitous, smart devices or sensors, at the convenience of their home. As in any health-care IT...
View ArticleUsing Centrality Measures in Dependency Risk Graphs for Efficient Risk...
AbstractOne way to model cascading critical infrastructure failures is through dependency risk graphs. These graphs help assess the expected risk of critical infrastructure dependency chains. This...
View ArticleAutomated Detection of Logical Errors in Programs
AbstractStatic and dynamic program analysis tools mostly focus on the detection of a priori defined defect patterns and security vulnerabilities. Automated detection of logical errors, due to a faulty...
View ArticleUsing Logical Error Detection in Software Controlling Remote-Terminal Units...
AbstractA method for predicting software failures to critical information infrastructures is presented in this paper. Software failures in critical infrastructures can stem from logical errors in the...
View Article
More Pages to Explore .....