The role of the adversary model in applied security research

Do, Quang; Martini, Ben; Choo, Kim‐Kwang Raymond

doi:10.1016/j.cose.2018.12.002

Cited by 91 publications

(44 citation statements)

References 40 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Regarding the threat model and similarly than in [7], we assume the well-known Dolev-Yao cryptographic model. Note that the model mentioned above is one the most common adversary models used to verify IoT proposals [26]. Conforming the model, the communication channel between the IMD and the Programmer is bidirectional and occurs via 2168-6750 (c) 2020 IEEE.…”

Section: Methodsmentioning

confidence: 99%

Access Control for Implantable Medical Devices

Cámara

Peris-López

Fuentes

et al. 2021

IEEE Trans. Emerg. Topics Comput.

View full text Add to dashboard Cite

The telemetry incorporate in the new generation of Implantable Medical Devices (IMDs) allows remote access and reprogramming without interfering with the daily routine of their holders. Despite the benefits of this new feature, such remote access raises new threats related to the access of unauthorized entities to IMDs. Cardiac implants represent the most deployed types of IMD nowadays. Current solutions, to control their remote access, usually use a single feature for authentication. However, this feature is easily replicable, making these authentication schemes vulnerable to attacks. To overcome this limitation, we propose in this article a distance bounding protocol to manage access control of IMDs: ACIMD. ACIMD combines two security mechanisms, namely, identity verification (authentication) and proximity verification (distance checking). The authentication mechanism, formally and informally verified, conforms to the ISO/IEC 9798-2 standard. The distance checking is performed using the whole Electrocardiogram (ECG) signal and relies on the correlation coefficient (comparing an external versus an internal ECG signal) in the Hadamard domain. We evaluate the accuracy and security of ACIMD access control using ECG signals of 199 individuals recorded over 24 hours while considering three adversary strategies. Our results show that ACIMD is 92.92% accurate.

show abstract

Section: Methodsmentioning

confidence: 99%

Access Control for Implantable Medical Devices

Cámara

Peris-López

Fuentes

et al. 2021

IEEE Trans. Emerg. Topics Comput.

View full text Add to dashboard Cite

show abstract

“…Table 2. Threat actors for the autonomous docking based on [64] with the dimensions from [65] Threat Actors…”

Section: Use Casementioning

confidence: 99%

“…The attacks can now be performed by an individual or group of threat actors, organisations, or nations/states, driven by various motivations from personal satisfaction, ideology, financial gain to state rivalry [73]. A categorisation of threat actors is presented in NIST's Guide for Conducting Risk Assessments [64], and the corresponding dimensions have been presented in [65]. In our autonomous docking use case, the threat actors may potentially hinder or attack the system.…”

Section: Use Casementioning

confidence: 99%

Security-Minded Verification of Space Systems

Maple

Bradbury

Yuan

et al. 2020

2020 IEEE Aerospace Conference

View full text Add to dashboard Cite

show abstract

“…Even if its removal is made possible that can only be done at the cost of demeaning the concerned host data medium. Several watermarking applications, for example, copyright protection or source authentication may have an active adversary [33]. These stated groups may participate in making several attempts that removes, forges, or invalidates the embedded watermarks.…”

Section: -Hash Functionsmentioning

confidence: 99%

List of Contributors

2019

Big Data Security

View full text Add to dashboard Cite

With the advent of a range of data-driven avenues and explosion of data, research in the field of big data has become an important thoroughfare. Big data produces exceptional amounts of data points, which give greater insights that determine sensational research, better business decisions, and greater value for customers. To accomplish these endings, establishments need to be able to handle the data while including measures for using sensitive private information efficiently and quickly, and thus the implementation of security issue creates a vigorous role. End-point devices create the main factors for observance of the big data. Processing, storage, and other necessary responsibilities have to be performed with the help of input data, which is generated by the end-points. Therefore, an association should make sure to use an authentic and valid end-point security. Due to large amounts of data generation, it is quite impossible to maintain regular checks by most of the establishments. Therefore, periodic observation and performing security checks can be utmost promising in real time. On the other hand, cloud-based storage has enabled data mining and collection. However, this big data and cloud storage incorporation have introduced concerns for data secrecy and security threats. This volume intends to deliberate some of the latest research findings regarding the security issues and mechanisms for big data. The volume comprises seven wellversed chapters on the subject. The introductory chapter provides a brief and concise overview of the subject matter with reference to the characteristics of big data, the inherent security concerns, and mechanisms for ensuring data integrity. Chapter 2 deals with the motivation for this research that came from lack of practical applications of block chain technology, its history, and the principle of how it functions within the digital identity and importance of EDU certificate transparency and challenges in their sharing. In the theoretical part of the chapter, a comparison of the "classical" identity and digital identity is set out, which is described through examples of personal identity cards and e-citizen systems. Then, following the introduction into block chain technology and describing the method of achieving consensus and transaction logging, the principle of smart contracts is described, which provide the ability to enter code or even complete applications and put them into block chains, enabling automation of a multitude of processes. The chapter also explains common platforms through examples that are described as business models that use block chain as a platform for developing their processes based on digital identity. Chapter 3 describes the anomaly detection procedure in cloud database metric. Each and every big data source or big database needs a security metric monitoring. The monitoring software collects various metrics with the help of custom codes, plugging, and so on. The chapter describes the approach of modifying the normal metric thresholding to anomaly det...

show abstract

The role of the adversary model in applied security research

Cited by 91 publications

References 40 publications

Access Control for Implantable Medical Devices

Access Control for Implantable Medical Devices

Security-Minded Verification of Space Systems

List of Contributors

Contact Info

Product

Resources

About