Pub Crawl #17
Pub Crawl summarizes, by hard problems, sets of publications that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are chosen for their usefulness for current researchers. Select the topic name to view the corresponding list of publications. Submissions and suggestions are welcome.
Malware analysis, along with detection and classification, is a major issue cybersecurity. For the Science of Security community, malware classification is related to privacy, predictive metrics, human behavior and resiliency.
Malware Analysis and Graph Theory 2017 (all)
Malware analysis is generally signature based. Graph theory has the potential to provide more rigor in analyzing malware as a tool for mining large data sets. For the Science of Security community, malware classification is related to privacy, predictive metrics, human behavior and resiliency.
Malware Classification 2017 (all)
Malware classification, along with detection and analysis, is a major issue cybersecurity. For the Science of Security community, malware classification is related to privacy, predictive metrics, human behavior and resiliency.
MANET Attack Detection 2017 (all)
Security is an important research issue for mobile ad hoc networks (MANETs). The work cited here looks at attack detection. For the Science of Security community, this work relates to the hard problems of resilience, metrics, and compositionality.
MANET Attack Mitigation 2017 (all)
Security is an important research issue for mobile ad hoc networks (MANETs). The work cited here looks at attack mitigation. For the Science of Security community, this work relates to the hard problems of resilience, metrics, and compositionality.
MANET Attack Prevention 2017 (all)
Security is an important research issue for mobile ad hoc networks (MANETs). The work cited here looks at attack prevention. For the Science of Security community, this work relates to the hard problems of resilience, metrics, and compositionality.
Privacy is an important research issues for mobile ad hoc networks (MANETs). For the Science of Security community, this work relates to the hard problems of resilience, metrics, and compositionality.
Security is an important research issue for mobile ad hoc networks (MANETs). For the Science of Security community, this work relates to the hard problems of resilience, metrics, and compositionality.
Measurement and Metrics Testing 2017 (all)
Measurement and metrics are hard problems in the Science of Security. The research cited here looks at methods and techniques for testing the validity of measurement and metrics techniques.
Microelectronics Security 2017 (all)
Microelectronics is at the center of the IT world. Their security—provenance, integrity of their manufacture, and capacity for providing embedded security—is both an opportunity and a problem for cybersecurity research. For the Science of Security community, microelectronic security is a constituent component of resiliency, composability, and predictive metrics.
Middleware Security 2017 (all)
Middleware facilitates distributed processing, and is of significant interest to the security world with the development of cloud and mobile applications. It is important to the Science of Security community relative to resilience, policy-based governance and composability.
Named Data Network Security 2017 (all)
Named Data Networking (NDN) is one of five research projects funded by the U.S. National Science Foundation under its Future Internet Architecture Program. Its goal is to make it easier to develop, manage, secure, and use networks and the Internet. For the Science of Security community, these efforts are relevant to the hard problems of resilience, human behavior, and scalability.
Nearest Neighbor Search 2017 (all)
The search for secure privacy protecting nearest neighbor searches is an issue in cybersecurity related to the Science of Security community hard problem of measurement and predictive metrics.
Network Accountability 2017 (all)
The term “accountability’ suggests that an entity should be held responsible for its own specific actions. Once an event has transpired, the events that took place need to be traceable so that the causes can be determined afterwards. The goal of network accountability research is to provide accountability within networks and computers by building trace files of events. For the Science of Security community, it is relevant to composability, resilience, and metrics.
Network coding methods are used to improve a network's throughput, efficiency and scalability. It can also be a method for dealing with attacks and eavesdropping. For the Science of Security community, research into network coding is relevant to the general network problems associated with the hard problems of resiliency, composability, and predictive metrics, as well as cyber physical systems.
Networked Control Systems Security 2017 (all)
Network control systems (NCS) offer a relatively inexpensive way for communications networks to provide diagnostics, flexibility, and robustness. To the Science of Security community, NCS research is relevant to the hard problems of resiliency, composability, and predictive metrics.
Network Intrusion Detection 2017 (all)
Network intrusion detection is one of the chronic problems in cybersecurity. The growth of cellular and ad hoc networks has increased the threat and risks and research into this area of concern reflects its importance. For the Science of Security community, NID is relevant to metrics, composability, and resilience.
Network on Chip Security 2017 (all)
Network on chip (NoC or NOC) is a communication subsystem on an integrated circuit. NOC technology applies networking theory and methods to on-chip communication and brings improvements over conventional interconnections. From a Science of Security perspective, NOC security is relevant to scalability, resilience, and metrics.
Neural Network Resilience 2017 (all)
Artificial neural networks have been used to solve a wide variety of tasks that are hard to solve using ordinary rule-based programming. What has attracted much interest in neural networks is the possibility of learning. Resilience is the Science of Security interest referenced here.
Neural Networks Security 2017 (all)
Artificial neural networks have been used to solve a wide variety of tasks that are hard to solve using ordinary rule-based programming. What has attracted much interest in neural networks is the possibility of learning. Tasks such as function approximation, classification pattern and sequence recognition, anomaly detection, filtering, clustering, blind source separation and compression and controls all have security implications. Cyber physical systems, resiliency, policy-based governance and metrics are the Science of Security interests.
Object Oriented Security 2017 (all)
The use of common object-oriented design patterns as a mechanism for access control is called Object-Oriented Security. These mechanisms can be easier to use and more effective than traditional security models. For the Science of Security community, OOP security models are of interest relative to the hard problems of resiliency, composability, and metrics.
Pattern locks are best known as the access codes using a series of lines connecting dots. Primarily familiar to Android users, research into pattern locks shows promise for many more uses. For the Science of Security community, they are important relative to the hard problems of human behavior, scalability and resilience.
Physical Layer Security 2017 (all)
Physical layer security presents the theoretical foundation for a new model for secure communications by exploiting the noise inherent to communications channels. Based on information-theoretic limits of secure communications at the physical layer, the concept has challenges and opportunities related to designing of physical layer security schemes. The works presented here address the information-theoretical underpinnings of physical layer security and present various approaches and outcomes for communications systems. For the Science of Security community, physical layer security relates to resilience, metrics, and composability.
The Public Key Infrastructure (PKI) is designed to ensure the security of electronic transactions and the exchange of sensitive information through cryptographic keys and certificates. Several PKI trust models are proposed in the literature to model trust relationship and trust propagation. The research cited here looks at several of those models, particularly in the area of ad hoc networks. For the Science of Security community, this work is relevant to the hard problems of resiliency, scalability, human behavior, and metrics.
Security Risk Management 2017 (all)
Security risk management is relevant to the Science of Security hard problems of predictive metrics, human behavior, scalability and resilience.
Security Weaknesses 2017 (all)
Attackers need only find one or a few exploitable vulnerabilities to mount a successful attack while defenders must shore up as many weaknesses as practicable. The research presented here covers a range of weaknesses and approaches for identifying and securing against attacks. Many articles focus on key systems, both public and private. Hard problems addressed include human behavior, policy-based governance, resilience and metrics.
Signature Based Defense 2017 (all)
Research into the use of malware signatures to inform defensive methods is a standard research exercise for the Science of Security community. This work addresses issues related to scalability and resilience.
Smart Grid Consumer Privacy 2017 (all)
Concerns about consumer privacy and electric power usage have impacted utilities fielding of smart-meters. Securing power meter readings in a way that addresses while protecting consumer privacy is a concern of research designed to help alleviate those concerns. For the Science of Security community, privacy is a core topic.
Agent-based modeling of human social behavior is an increasingly important research area. Efficient, scalable and robust social systems are difficult to engineer, both from the modeling perspective and the implementation perspective. The work cited here addresses these problems. It is relevant to the Science of Security community relative to human factors and scalability.
SQL injection is used to attack data-driven applications. Malicious SQL statements are inserted into an entry field for execution to dump the database contents to the attacker. One of the most common hacker techniques, SQL injection is used to exploit security vulnerabilities in an application's software. It is mostly used against websites but can be used to attack any type of SQL database. Because of its prevalence and ease of use from the hacker perspective, it is an important area for research and of interest to the Science of Security community relative to human behavior, metrics, resiliency, privacy and policy-based governance.
The Secure Socket Layer (SSL) is designed to ensure the security of electronic transactions and the exchange of sensitive information through cryptographic keys and certificates. Several SSL trust models are proposed in the literature to model trust relationship and trust propagation. The research cited here looks at several of those models, particularly in the area of ad hoc networks. For the Science of Security community, this work is relevant to the hard problems of resiliency, scalability, human behavior, and metrics.
Static Code Analysis 2017 (all)
Static code analysis is a standard method of testing software prior to production and marketing. Much of the work done in the Science of Security to look at code suggests that these analyses need to address security issues. Methods and practices cited in the research referenced here relate to human behavior, composability, and resiliency.
Stochastic Computing Security 2017 (all)
Although stochastic computing was historically considered a failure, it may still remain relevant for solving certain problems, including machine learning and control, stochastic decoding, which applies stochastic computing to the decoding of error correcting codes, and image processing tasks such as edge detection and image thresholding. For the Science of Security community, it is of interest relative to resilience and scalability.
Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests for removal via email of the links or modifications to specific citations. Please include the URL of the specific citation in your correspondence.
Pub Crawl contains bibliographical citations, abstracts if available, links on specific topics, and research problems of interest to the Science of Security community.
How recent are these publications?
These bibliographies include recent scholarly research on topics that have been presented or published within the stated year. Some represent updates from work presented in previous years; others are new topics.
How are topics selected?
The specific topics are selected from materials that have been peer reviewed and presented at SoS conferences or referenced in current work. The topics are also chosen for their usefulness for current researchers.
How can I submit or suggest a publication?
Researchers willing to share their work are welcome to submit a citation, abstract, and URL for consideration and posting, and to identify additional topics of interest to the community. Researchers are also encouraged to share this request with their colleagues and collaborators.
What are the hard problems?
Select a hard problem to retrieve related publications.
- - Scalability and Composability: Develop methods to enable the construction of secure systems with known security properties from components with known security properties, without a requirement to fully re-analyze the constituent components.
- - Policy-Governed Secure Collaboration: Develop methods to express and enforce normative requirements and policies for handling data with differing usage needs and among users in different authority domains.
- - Security Metrics Driven Evaluation, Design, Development, and Deployment: Develop security metrics and models capable of predicting whether or confirming that a given cyber system preserves a given set of security properties (deterministically or probabilistically), in a given context.
- - Resilient Architectures: Develop means to design and analyze system architectures that deliver required service in the face of compromised components.
- - Understanding and Accounting for Human Behavior: Develop models of human behavior (of both users and adversaries) that enable the design, modeling, and analysis of systems with specified security properties.