Intruders often combine exploits against multiple vulnerabilities in order to break into the system. Each attack scenario is a sequence of exploits launched by an intruder that leads to an undesirable state such as access to a database, service disruption, etc. The collection of possible attack scenarios in a computer network can be represented by a directed graph, called network attack gra...

Smallpox virus, which is among the most dangerous organisms that might be used by bioterrorists, is not widely available. The international black market trade in weapons of mass destruction is probably the only means of acquiring the virus. Thus, only a terrorist supported by the resources of a rogue state would be able to procure and deploy smallpox. An attack using the virus would involve rel...

ly, an attack graph is a collection of scenarios showing how a malicious agent can compromise the integrity of a target system. Such graphs are a natural application of the scenario graph formalism defined in Chapter 2. With a suitable model of the system, we can use the techniques developed in Part I to generate attack graphs automatically. In this context, correctness properties specify the n...

Unintentional attacks on watermarking schemes lead to degrade the watermarking channel, while intentional attacks try to access the watermarking channel. Therefore, watermarking schemes should be robust and secure against unintentional and intentional attacks respectively. Usual security attack on watermarking schemes is the Known Message Attack (KMA). Most popular watermarking scheme with stru...

Intrusion Detection Systems (IDSs) are security tools widely used in computer networks. While they seem to be promising technologies, they pose some serious drawbacks: When utilized in large and high traffic networks, IDSs generate high volumes of low-level alerts which are hardly manageable. Accordingly, there emerged a recent track of security research, focused on alert correlation, which ext...

Building the attack scenario is the first step to understand an attack and extract useful attack intelligence. Existing attack scenario reconstruction approaches, however, suffer from several limitations that weaken the elicitation of the attack scenarios and decrease the quality of the generated attack scenarios. In this paper, we discuss the limitations of the existing attack scenario reconst...

Recently permutation multimedia ciphers were broken in a chosen-plaintext scenario. That attack models a very resourceful adversary which may not always be the case. To show insecurity of these ciphers, we present a cipher-text only attack on speech permutation ciphers. We show inherent redundancies of speech can pave the path for a successful cipher-text only attack. To that end, regularities ...

Cognitive Radio (CR) networks enable dynamic spectrum access and can significantly improve spectral efficiency. Cooperative Spectrum Sensing (CSS) exploits the spatial diversity between CR users to increase sensing accuracy. However, in a realistic scenario, the trustworthy of CSS is vulnerable to Spectrum Sensing Data Falsification (SSDF) attack. In an SSDF attack, some malicious CR users deli...

Cyber ​​threats have been extraordinary increased in recent years. Cyber ​​attackers, including government agencies or hackers, have made significant advances in the use of various tools for attacking target systems in some countries particularly on Islamic republic of Iran. The complexity of cyber threats and the devastating effects of them on critical systems highlights necessity of cyber thr...