Biblio

Found 19604 results

Submitted
S. Chen, J. Weimer, M. Rickels, A. Peleckis, I. Lee.  Submitted.  Physiology-Invariant Meal Detection for Type 1 Diabetes. Diabetes Technology and Therapeutics", year 201.

online first

Van Goethem, Tom, Joosen, Wouter.  Submitted.  Towards Improving the Deprecation Process of Web Features through Progressive Web Security. 2022 IEEE Security and Privacy Workshops (SPW).
To keep up with the continuous modernization of web applications and to facilitate their development, a large number of new features are introduced to the web platform every year. Although new web features typically undergo a security review, issues affecting the privacy and security of users could still surface at a later stage, requiring the deprecation and removal of affected APIs. Furthermore, as the web evolves, so do the expectations in terms of security and privacy, and legacy features might need to be replaced with improved alternatives. Currently, this process of deprecating and removing features is an ad-hoc effort that is largely uncoordinated between the different browser vendors. This causes a discrepancy in terms of compatibility and could eventually lead to the deterrence of the removal of an API, prolonging potential security threats. In this paper we propose a progressive security mechanism that aims to facilitate and standardize the deprecation and removal of features that pose a risk to users’ security, and the introduction of features that aim to provide additional security guarantees.
Abraham P. Vinod, Baisravan HomChaudhuri, Christop Hintz, Anup Parikh, Stephen P. Buerger, Meeko Oishi, Rafael Fierro.  Submitted.  Coordinated threat intercept via forward stochastic reachability. American Control Conference} year = {2018.

under review

Christopher Theisen, Brendan Murphy, Kim Herzig, Laurie Williams.  Submitted.  Risk-Based Attack Surface Approximation: How Much Data is Enough? International Conference on Software Engineering (ICSE) Software Engineering in Practice (SEIP) 2017.

Proactive security reviews and test efforts are a necessary component of the software development lifecycle. Resource limitations often preclude reviewing the entire code
base. Making informed decisions on what code to review can improve a team’s ability to find and remove vulnerabilities. Risk-based attack surface approximation (RASA) is a technique that uses crash dump stack traces to predict what code may contain exploitable vulnerabilities. The goal of this research is to help software development teams prioritize security efforts by the efficient development of a risk-based attack surface approximation. We explore the use of RASA using Mozilla Firefox and Microsoft Windows stack traces from crash dumps. We create RASA at the file level for Firefox, in which the 15.8% of the files that were part of the approximation contained 73.6% of the vulnerabilities seen for the product. We also explore the effect of random sampling of crashes on the approximation, as it may be impractical for organizations to store and process every crash received. We find that 10-fold random sampling of crashes at a rate of 10% resulted in 3% less vulnerabilities identified than using the entire set of stack traces for Mozilla Firefox. Sampling crashes in Windows 8.1 at a rate of 40% resulted in insignificant differences in vulnerability and file coverage as compared to a rate of 100%.

Weerakkody, Sean, Ozel, Omur, Griffioen, Paul, Sinopoli, Bruno.  Submitted.  Active Detection for Exposing Intelligent Attacks in Control Systems. 1st IEEE Conference on Control Technology and Applications.
Chauhan, Ruchir, Gerdes, Ryan M, Heaslip, Kevin.  Submitted.  Attack Against an FMCW Radar.
Ashiq Rahman, Ehab Al-Shaer.  Submitted.  Automated Synthesis of Resilient Network Access Controls: A Formal Framework with Refinement. IEEE Transactions of Parallel and Distributed Computing (TPDC),.

Due to the extensive use of network services and emerging security threats, enterprise networks deploy varieties of security devices for controlling resource access based on organizational security requirements. These requirements need fine-grained access control rules based on heterogeneous isolation patterns like access denial, trusted communication, and payload inspection. Organizations are also seeking for usable and optimal security configurations that can harden the network security within enterprise budget constraints. In order to design a security architecture, i.e., the distribution of security devices along with their security policies, that satisfies the organizational security requirements as well as the business constraints, it is required to analyze various alternative security architectures considering placements of network security devices in the network and the corresponding access controls. In this paper, we present an automated formal framework for synthesizing network security configurations. The main design alternatives include different kinds of isolation patterns for network traffic flows. The framework takes security requirements and business constraints along with the network topology as inputs. Then, it synthesizes cost-effective security configurations satisfying the constraints and provides placements of different security devices, optimally distributed in the network, according to the given network topology. In addition, we provide a hypothesis testing-based security architecture refinement mechanism that explores various security design alternatives using ConfigSynth and improves the security architecture by systematically increasing the security requirements. We demonstrate the execution of ConfigSynth and the refinement mechanism using case studies. Finally, we evaluate their scalability using simulated experiments.
 

El-Geneidy, Ahmed M, Hourdos, John.  Submitted.  Bus Transit Service Planning and Operations in a Competitive Environment Bus Transit Service Planning and Operations in a Competitive Environment.
A. Sturaro, S. Silvestri, M. Conti,, S. K. Das.  Submitted.  Characterizing Cascade Failures in Inter-Dependent Smart Grid Networks. IEEE Transactions on Smart Grid (Submitted in Oct 2017).
Anastasia Mavridou, Tamas Kecskes, Qishen Zhang, Janos Sztipanovits.  Submitted.  A Common Integrated Framework for Heterogeneous Modeling Services.

Under submission at 6th International Workshop on the Globalization of Modeling Language (GEMOC)

El Chamie, Mahmoud, Yu, Yue, Açıkmeşe, Behçet, Ono$\dagger$, Masahiro.  Submitted.  Controlled Markov Processes with Safety State Constraints. {IEEE} Transactions in Automatic Control.
Zhao, Yanbo, Ioannou, Petros A.  Submitted.  A Co-Simulation, Optimization, Control Approach for Traffic Light Control with Truck Priority. IEEE Transactions on Intelligent Transportation Systems.
Elmahdi, Ahmed, Taha, Ahmad F, Sun, Dengfeng.  Submitted.  Decentralized Control Framework for Networked Control Systems.
B. Zheng, C. W. Lin, S. Shiraishi, Q. Zhu.  Submitted.  Design and Analysis of Delay-Aware Intelligent Intersection Management. submitted to the ACM Transactions on Cyber-Physical Systems (TCPS).
B. Zheng, C. W. Lin, S. Shiraishi, Q. Zhu.  Submitted.  Design and Analysis of Delay-Aware Intelligent Intersection Management. submitted to the ACM Transactions on Cyber-Physical Systems (TCPS).
Aron Laszka, Waseem Abbas, Yevgeniy Vorobeychik, Xenofon Koutsoukos.  Submitted.  Detection and Mitigation of Attacks in Transportation Networks as a Multi-Stage Security Game. Computers & Security.
Yang, I..  Submitted.  A dynamic game approach to distributionally robust safety specifications for stochastic systems. Automatica.
Zhao, Yanbo, Ioannou, Petros A, Dessouky, Maged M.  Submitted.  Dynamic Multimodal Freight Routing using a Co-Simulation Optimization Approach. IEEE Transactions on Intelligent Transportation Systems.
C.-L. Wang, F. Ma, J. Yan, D. De,, S. K. Das.  Submitted.  Efficient Aerial Data Collection with UAV in Large-scale Wireless Sensor Networks.
Jansuwan, Sarawut, Ryu, Seungkyu, Freckleton, Derek, Chen, Anthony, Heaslip, Kevin.  Submitted.  An evaluation framework of an automated electric transportation system. Proceeding of the 92th Annual Meeting of the Transportation Research Board. 40
H. Liang, P. Deng, B. Zheng, Q. Zhu.  Submitted.  Extensible Software Synthesis for Automotive Cyber-Physical Systems. in preparation.
Saqib Hasan, Abhishek Dubey, Gabor Karsai, Xenofon Koutsoukos.  Submitted.  A Game-Theoretic Approach for Power Systems Defense Against Dynamic Cyber-Attacks. International Journal of Electric Power and Energy Systems. Under review..
William Tan, Abhinav Kunapareddy, Marin Kobilarov.  Submitted.  Gaussian Process Adaptive Sampling using the Cross-Entropy Method for Environment Sensing and Monitoring. submitted to the International Conference on Robotics and Automation (ICRA).
S. Bhattacharjee, S. K. Das.  Submitted.  A Harmonic Mean Comparison Approach for Defense Against Data falsification in IoT Networks. IEEE Transactions on Dependable and Secure Computing.
Aron Laszka, Waseem Abbas, Yevgeniy Vorobeychik, Xenofon Koutsoukos.  Submitted.  Integrating Redundancy, Diversity, and Hardening to Improve Security of Industrial Internet of Things.