Flush+Reload is a cache side-channel attack that monitors access to data in shared pages. In this paper we demonstrate how to use the attack to extract private encryption keys from GnuPG. The high resolution and low noise of the Flush+Reload attack enables a spy program to recover over 98% of the bits of the private key in a single decryption or signing round. Unlike previous attacks, the attac...

Content Delivery Networks (CDNs) are commonly believed to offer their customers protection against application-level denial of service (DoS) attacks. Indeed, a typical CDN with its vast resources can absorb these attacks without noticeable effect. This paper uncovers a vulnerability which not only allows an attacker to penetrate CDN’s protection, but to actually use a content delivery network t...

According to high development of internet and mobile internet technologies, more and more services and applications are researched and are becoming more and more important in people’s life. At the same time, there are still many risks that virus attack from internet. Network security is facing more challenges than before, such as attack method becoming more diversify, attack times are increasin...

This paper describes a software system that provides significant new capabilities for visualization and analysis of network attack graphs produced through Topological Vulnerability Analysis (TVA). The TVA approach draws on a database of known exploits and system vulnerabilities to provide a connected graph representing possible cyber-attack paths within a given network. Our visualization approa...

The paper presents an approach and formal framework for modeling attacks against computer network and its software implementation on the basis of a multi-agent architecture. The model of an attack is considered as a complex process of contest of adversary entities those are malefactor or team of malefactors, on the one hand, and network security system implementing a security policy, on the oth...

Let f and g be polynomials of a bounded Euclidean norm in the ring Z[X]/⟨X+1⟩. Given the polynomial [f/g]q ∈ Zq[X]/⟨X+1⟩, the NTRU problem is to find a, b ∈ Z[X]/⟨X + 1⟩ with a small Euclidean norm such that [a/b]q = [f/g]q. We propose an algorithm to solve the NTRU problem, which runs in 2 2 λ) time when ∥g∥, ∥f∥, and ∥g−1∥ are within some range. The main technique of our algorithm is the redu...

The prevalence of 19 elements of collective tactics in score efficient and score inefficient teams was analyzed in 90 First Croatian Handball League--Men games during the 1998-1999 season. Prediction variables were used to describe duration, continuity, system, organization and spatial direction of attacks. Analysis of the basic descriptive and distribution statistical parameters revealed norma...

This report presents a graph-based approach to network vulnerability analysis. The method is flexible, allowing analysis of attacks from both outside and inside the network. It can analyze risks to a specific network asset, or examine the universe of possible consequences following a successful attack. The analysis system requires as input a database of common attacks, broken into atomic steps,...