This volume contains the papers presented at CISRC: Cyber and Information Security Research Conference held on April 5-7, 2016 at Oak Ridge National Laboratory in Oak Ridge, Tennessee.
PUF designed with Resistive RAM and Ternary States
The designs of Physically Unclonable Functions (PUFs) described in this paper are based on Resistive RAMs incorporating ternary states with the objective to reduce false negative authentications (FNA) with low Challenge-Response-Pair (CRP) error rates. ...
Efficient Algorithm to Construct Perfect Secret Sharing Scheme for a Given Access Structure
The threshold scheme, the monotone circuit construction, and the vector space construction are some of the well-known secret sharing schemes in cryptography. The threshold and monotone circuit secret sharing schemes are fairly easy to construct for any ...
Trusted Information Exchange Using Trusted Network Processors
Today's systems are increasingly complex consisting of many components designed by multiple competing vendors. Trust management relies heavily on situational awareness of the operating environment, and comprehensive knowledge of components and their ...
An Algorithmic Method for the Implantation of Detection-Resistant Covert Hardware Trojans
This work presents a new class of Covert Hardware Trojan Horses (Covert HTHs), which can be algorithmically implanted with no change to their host circuit's functional behavior and without the need for additional unrelated logic. As a result, Covert ...
Experimentation Support for Cyber Security Evaluations
To improve the information assurance of mission execution over modern IT infrastructure, new cyber defenses need to not only provide security benefits, but also perform within a given cost regime. Current approaches for validating and integrating cyber ...
A SCADA Intrusion Detection Framework that Incorporates Process Semantics
SCADA security is an increasingly important research area as these systems, used for process control and automation, are being exposed to the Internet due to their use of TCP/IP protocols as a transport mechanism for control messages. Most of the ...
Anti-Censorship Framework using Mobile IPv6 based Moving Target Defense
Anti-censorship techniques are important as the ability to freely access information is key to a democratic society. This issue has become even more critical in the information age. In this paper, we present an anti-censorship scheme based on the use of ...
HackAttack: Game-Theoretic Analysis of Realistic Cyber Conflicts
- Erik M. Ferragut,
- Andrew C. Brady,
- Ethan J. Brady,
- Jacob M. Ferragut,
- Nathan M. Ferragut,
- Max C. Wildgruber
Game theory is appropriate for studying cyber conflict because it allows for an intelligent and goal-driven adversary. Applications of game theory have led to a number of results regarding optimal attack and defense strategies. However, the overwhelming ...
Dynamic Canary Randomization for Improved Software Security
Stack canaries are a well-known and effective technique for detecting and defeating stack overflow attacks. However, they are not perfect. For programs compiled using gcc, the reference canary value is randomly generated at program invocation and fixed ...
Bringing Federated Identity to Grid Computing
The Fermi National Accelerator Laboratory (FNAL) is facing the challenge of providing scientific data access and grid submission to scientific collaborations that span the globe but are hosted at FNAL. Researchers in these collaborations are currently ...
A Cross-Domain Comparable Measurement Framework to Quantify Intrusion Detection Effectiveness
As the frequency, severity, and sophistication of cyber attacks increase, along with our dependence on reliable computing infrastructure, the role of Intrusion Detection Systems (IDS) is gaining importance. One of the challenges in deploying an IDS stems ...
Addressing Critical Industrial Control System Cyber Security Concerns via High Fidelity Simulation
This paper outlines a set of 10 cyber security concerns associated with Industrial Control Systems (ICS). The concerns address software and hardware development, implementation, and maintenance practices, supply chain assurance, the need for cyber ...
Forecasting Zero-Day Vulnerabilities
It seems that computer network defenders are always two steps behind attackers. This is due in part to the need for defenders to protect against the exploitation of zero-day vulnerabilities which they may not yet know exist. If network defenders were ...
Practical implications and requirements of diversifying interpreted languages
Instruction set randomization (ISR) provides a strong defense against all types of injection attacks, especially in interpreted environments. However, fully enabling a system to benefit from language interpreters that support programs diversified with ...
GraphPrints: Towards a Graph Analytic Method for Network Anomaly Detection
This paper introduces a novel graph-analytic approach for detecting anomalies in network flow data called GraphPrints. Building on foundational network-mining techniques, our method represents time slices of traffic as a graph, then counts graphlets---...
Detection of Tunnels in PCAP Data by Random Forests
This paper describes an approach for detecting the presence of domain name system (DNS) tunnels in network traffic. DNS tunneling is a common technique hackers use to establish command and control nodes and to exfiltrate data from networks. To generate ...
Double Helix and RAVEN: A System for Cyber Fault Tolerance and Recovery
- Michele Co,
- Jack W. Davidson,
- Jason D. Hiser,
- John C. Knight,
- Anh Nguyen-Tuong,
- Westley Weimer,
- Jonathan Burket,
- Gregory L. Frazier,
- Tiffany M. Frazier,
- Bruno Dutertre,
- Ian Mason,
- Natarajan Shankar,
- Stephanie Forrest
Cyber security research has produced numerous artificial diversity techniques such as address space layout randomization, heap randomization, instruction-set randomization, and instruction location randomization. To be most effective, these techniques ...
Xen Network Flow Analysis for Intrusion Detection
Virtualization technology has become ubiquitous in the computing world. With it, a number of security concerns have been amplified as users run adjacently on a single host. In order to prevent attacks from both internal and external sources, the ...
Linear Cryptanalysis of Quasigroup Block Cipher
This paper presents the results of a linear cryptanalysis of quasigroup block cipher. The quasigroup block cipher is being developed for resource constrained environments, especially SCADA systems. Here we determine if any key material can be found by ...
The Application of Moving Target Defense to Field Programmable Gate Arrays
Field Programmable Gate Arrays (FPGAs) are powerful and flexible pieces of hardware used in a variety of applications. These chips are used in monitoring network traffic, guidance systems, cryptographic calculations, medical devices, embedded systems, ...
Scalable Attack Graph Generation
Attack graphs are a powerful modeling technique with which to explore the attack surface of a system. However, they can be difficult to generate due to the exponential growth of the state space, often times making exhaustive search impractical. This ...
Network Modeling for Security Analytics
Comprehensive network modeling remains a challenge for the security analyst. Complete coverage and depth of detail in network models is difficult to achieve for large and complex networks, especially when significant effort in manual elaboration is ...
Towards Selecting and Recommending Online Software Services by Evaluating External Attributes
Selecting an online software service for a given set of requirements can be based on the quality of results (i.e., relative ranking of the services) and associated recommendations (i.e., applicability of the suggested services). Prevalent approaches for ...
QUALPUF: A Novel Quasi-Adiabatic Logic based Physical Unclonable Function
In the recent years, silicon based Physical Unclonable Function (PUF) has evolved as one of the popular hardware security primitives. PUFs are a class of circuits that use the inherent variations in the Integrated Circuit (IC) manufacturing process to ...
Classification of Insider Threat Detection Techniques
Most insider attacks are done by people who have the knowledge and technical know-how of launching such attacks. This topic has long been studied and many detection techniques were proposed to deal with insider threats. This short paper summarized and ...
Security Resilience: Exploring Windows Domain-Level Defenses Against Post-Exploitation Authentication Attacks
We investigated the security resilience of the current Windows Active Directory (AD) environments to Pass-the-Hash and Pass-the-Ticket, two prominent post-exploitation, credential theft attacks. An operating system's security resilience consists of its ...
Index Terms
- Proceedings of the 11th Annual Cyber and Information Security Research Conference