We have produced an ontology specifying a model of computer attacks. Our ontology is based upon an analysis of over 4,000 classes of computer attacks and their corresponding attack strategies, and is model is categorized according to: system component targeted, means of attack, consequence of attack and location of attacker. Our analysis indicates that non-kernel space applications are most lik...

Deep neural networks (DNNs) have achieved tremendous success in many tasks of machine learning, such as the image classification. Unfortunately, researchers have shown that DNNs are easily attacked by adversarial examples, slightly perturbed images which can mislead DNNs to give incorrect classification results. Such attack has seriously hampered the deployment of DNN systems in areas where sec...

Deep neural networks (DNNs) are sensitive to adversarial data in a variety of scenarios, including the black-box scenario, where attacker is only allowed query trained model and receive an output. Existing methods for creating instances costly, often using gradient estimation or training replacement network. This paper introduces \textbf{Qu}ery-Efficient \textbf{E}volutiona\textbf{ry} \textbf{A...

At IEEE RFID 2011, David et al. proposed a new cryptographic primitive for use with RFID [2]. The design is a stream cipher called A2U2. Shortly afterwards, an attack was published on IACR Eprint by Chai et al. [1], claiming to break the cipher in a chosen-plaintext attack using extremely little computational resources. Regrettably, this attack is wrong since it works with an erroneous descript...

The growing frequencies of extreme weather events and cyber-attacks give rise to a novel threat where malicious cyber actor aims disrupt stressed components critical infrastructure systems immediately before, during, or shortly after an event. In this paper, we initiate the study Compound Cyber–Physical Threats develop two-stage framework for analysis operational disruptions in electric power n...

Cyber attacks are becoming increasingly complex, especially when the target is a modern IT infrastructure, characterized by a layered architecture that integrates several security technologies such as firewalls and intrusion detection systems. These contexts can be violated by a multistep attack, that is a complex attack strategy that comprises multiple correlated intrusion activities. While a ...

We use the knowledge of the single MD5 collision published by Wang et al. [2] to show an example of a pair of binary self-extract packages with equal MD5 checksums, whereas resulting extracted contracts have fundamentally different meaning. Secondly, we demonstrate how an attacker could create custom pair of such packages containing files arbitrarily chosen by the attacker with equal MD5 sums w...

We used discrete-event simulation to help the San Antonio public health and acute medical care communities to plan their response to a bioterrorist attack. The analysis, based on a scenario positing an attack with aerosolized smallpox, indicated the resources and strategies needed for an effective response. We found that a mixture of public-health measures designed to stop the spread of the dis...

results in this study, a significant relation was established between the three areas or domains of learning: 1) knowledge domain (learning the theoretical basis of necessity-based training); 2) motivational domain (how to motivate collection, classification, etc. and 3) the technical domain (how trauma experts and specialists can recognize and classify needs practically. our findings suggest t...

Cloud’s unrivaled cost effectiveness and on the fly operation versatility is attractive to enterprise and personal users. However, the cloud inherits a dangerous behavior from virtualization systems that poses a serious security risk: resource sharing. This work exploits a shared resource optimization technique called memory deduplication to mount a powerful known-ciphertext only cache side-cha...