The escalating visibility of secure direct object reference (IDOR) vulnerabilities in API security, as indicated in the compilation of OWASP Top 10 API Security Risks, highlights a noteworthy peril to sensitive data. This study explores IDOR vulnerabilities found within Android APIs, intending to clarify their inception while evaluating their implications for application security. This study combined the qualitative and quantitative approaches. Insights were obtained from an actual penetration test on an Android app into the primary reasons for IDOR vulnerabilities, underscoring insufficient input validation and weak authorization methods. We stress the frequent occurrence of IDOR vulnerabilities in the OWASP Top 10 API vulnerability list, highlighting the necessity to prioritize them in security evaluations. There are mitigation recommendations available for developers, which recognize its limitations involving a possibly small and homogeneous selection of tested Android applications, the testing environment that could cause some inaccuracies, and the impact of time constraints. Additionally, the study noted insufficient threat modeling and root cause analysis, affecting its generalizability and real-world relevance. However, comprehending and controlling IDOR dangers can enhance Android API security, protect user data, and bolster application resilience.
Authored by Semi Yulianto, Roni Abdullah, Benfano Soewito
In recent times, the research looks into the measures taken by financial institutions to secure their systems and reduce the likelihood of attacks. The study results indicate that all cultures are undergoing a digital transformation at the present time. The dawn of the Internet ushered in an era of increased sophistication in many fields. There has been a gradual but steady shift in attitude toward digital and networked computers in the business world over the past few years. Financial organizations are increasingly vulnerable to external cyberattacks due to the ease of usage and positive effects. They are also susceptible to attacks from within their own organisation. In this paper, we develop a machine learning based quantitative risk assessment model that effectively assess and minimises this risk. Quantitative risk calculation is used since it is the best way for calculating network risk. According to the study, a network s vulnerability is proportional to the number of times its threats have been exploited and the amount of damage they have caused. The simulation is used to test the model s efficacy, and the results show that the model detects threats more effectively than the other methods.
Authored by Lavanya M, Mangayarkarasi S
Anomaly detection is a challenge well-suited to machine learning and in the context of information security, the benefits of unsupervised solutions show significant promise. Recent attention to Graph Neural Networks (GNNs) has provided an innovative approach to learn from attributed graphs. Using a GNN encoder-decoder architecture, anomalous edges between nodes can be detected during the reconstruction phase. The aim of this research is to determine whether an unsupervised GNN model can detect anomalous network connections in a static, attributed network. Network logs were collected from four corporate networks and one artificial network using endpoint monitoring tools. A GNN-based anomaly detection system was designed and employed to score and rank anomalous connections between hosts. The model was validated against four realistic experimental scenarios against the four large corporate networks and the smaller artificial network environment. Although quantitative metrics were affected by factors including the scale of the network, qualitative assessments indicated that anomalies from all scenarios were detected. The false positives across each scenario indicate that this model in its current form is useful as an initial triage, though would require further improvement to become a performant detector. This research serves as a promising step for advancing this methodology in detecting anomalous network connections. Future work to improve results includes narrowing the scope of detection to specific threat types and a further focus on feature engineering and selection.
Authored by Charlie Grimshaw, Brian Lachine, Taylor Perkins, Emilie Coote
Cyberattacks, particularly those that take place in real time, will be able to target an increasing number of networked systems as more and more items connect to the Internet of items. While the system is operational, it is susceptible to intrusions that might have catastrophic consequences, such as the theft of sensitive information, the violation of personal privacy, or perhaps physical injury or even death. These outcomes are all possible while the system is operational. A mixed-methods research approach was required in order to fulfill the requirements for understanding the nature and scope of real-time assaults on IoT-powered cybersecurity infrastructure. The quantitative data that was utilized in this research came from an online survey of IoT security professionals as well as an analysis of publicly available information on IoT security incidents. For the purpose of gathering qualitative data, in-depth interviews with industry experts and specialists in the area of Internet of Things security were conducted. The authors provide a novel method for identifying cybersecurity flaws and breaches in cyber-physical systems, one that makes use of deep learning in conjunction with blockchain technology. This method has the potential to be quite useful. Their proposed technique compares and evaluates unsupervised and deep learning-based discriminative methods, in addition to introducing a generative adversarial network, in order to determine whether cyber threats are present in IICs networks that are powered by IoT. The results indicate an improvement in performance in terms of accuracy, reliability, and efficiency in recognizing all types of attacks. The dropout value was found to be 0.2, and the epoch value was set at 25.
Authored by Varsha Agarwal, Pooja Gupta
The escalating visibility of secure direct object reference (IDOR) vulnerabilities in API security, as indicated in the compilation of OWASP Top 10 API Security Risks, highlights a noteworthy peril to sensitive data. This study explores IDOR vulnerabilities found within Android APIs, intending to clarify their inception while evaluating their implications for application security. This study combined the qualitative and quantitative approaches. Insights were obtained from an actual penetration test on an Android app into the primary reasons for IDOR vulnerabilities, underscoring insufficient input validation and weak authorization methods. We stress the frequent occurrence of IDOR vulnerabilities in the OWASP Top 10 API vulnerability list, highlighting the necessity to prioritize them in security evaluations. There are mitigation recommendations available for developers, which recognize its limitations involving a possibly small and homogeneous selection of tested Android applications, the testing environment that could cause some inaccuracies, and the impact of time constraints. Additionally, the study noted insufficient threat modeling and root cause analysis, affecting its generalizability and real-world relevance. However, comprehending and controlling IDOR dangers can enhance Android API security, protect user data, and bolster application resilience.
Authored by Semi Yulianto, Roni Abdullah, Benfano Soewito
Over the past decade, the number of cyber attack incidents targeting critical infrastructures such as the electrical power system has increased. To assess the risk of cyber attacks on the cyber-physical system, a holistic approach is needed that considers both system layers. However, the existing risk assessment methods are either qualitative in nature or employ probabilistic models to study the impact on only one system layer. Hence, in this work, we propose a quantitative risk assessment method for cyber-physical systems based on probabilistic and deterministic techniques. The former uses attack graphs to evaluate the attack likelihood, while the latter analyzes the potential cyber-physical impact. This is achieved through a dynamic cyber-physical power system model, i.e., digital twin, able to simulate power system cascading failures caused by cyber attacks. Additionally, we propose a domain-specific language to describe the assets of digital substations and thereby model the attack graphs. Using the proposed method, combined risk metrics are calculated that consider the likelihood and impact of cyber threat scenarios. The risk assessment is conducted using the IEEE 39-bus system, consisting of 27 user-defined digital substations. These substations serve as the backbone of the examined cyber system layer and as entry-points for the attackers. Results indicate that cyber attacks on specific substations can cause major cascading failures or even a blackout. Thereby, the proposed method identifies the most critical substations and assets that must be cyber secured.
Authored by Ioannis Semertzis, Vetrivel Rajkumar, Alexandru Ştefanov, Frank Fransen, Peter Palensky
Cybersecurity risk analysis is crucial for orga-nizations to assess, identify, and prioritize possible threats to their systems and assets. Organizations aim to estimate the loss cost in case cybersecurity risks occur to decide the control actions they should invest in. Quantitative risk analysis aids organizations in making well-informed decisions about risk mitigation strategies and resource allocation. Therefore, organizations must use quantitative risk analysis methods to identify and prioritize risks rather than relying on qualitative methods. This paper proposes a spreadsheet-based quantitative risk analysis method based on verbal likelihoods. Our approach relies on tables constructed by experts that map between linguistic likelihood and possible probability ranges. Using linguistic terms to estimate the probability of risk occurrence will help experts apply quantitative estimation easily by using common language as input, thus eliminating the need to assign precise probabilities. We experimented with real examples to validate our approach s accuracy and reliability and compared our results with those obtained from another method. Also, we conducted tests to measure our model s performance and robustness. Our study showcases the effectiveness of our approach and demonstrates its potential for risk analysts to use it in real-world applications.
Authored by Karim Elhammady, Sebastian Fischmeister
Cybersecurity is largely based on the use of frameworks (ISO27k, NIST, etc.) which main objective is compliance with the standard. They do not, however, address the quantification of the risk deriving from a threat scenario. This paper proposes a methodology that, having evaluated the overall capability of the controls of an ISO27001 framework, allows to select those that mitigate a threat scenario and evaluate the risk according to a Cybersecurity Risk Quantification model.
Authored by Glauco Bertocchi, Alberto Piamonte
Simulation research on fish schooling behavior is of great significance. This paper proposes an improved fish schooling behavior simulation model, which introduces fish collision avoidance, escape, and pursuit rules based on the Boids model, so that the model can simulate the response of fish when facing threats. And the simulation of fish schooling behavior in complex environment was present based on Unity3D. The quantitative analysis of the simulation results shows that the model proposed in this paper can effectively reflect the behavior al characteristics of fish schools. These results are highly consistent with the actual fish schooling behavior, which clearly demonstrates the feasibility of the model in simulating fish schooling behavior.
Authored by Jiaxin Li, Xiaofeng Sun
Cyber-physical system such as automatic metering infrastructure (AMI) are overly complex infrastructures. With myriad stakeholders, real-time constraints, heterogeneous platforms and component dependencies, a plethora of attacks possibilities arise. Despite the best of available technology countermeasures and compliance standards, security practitioners struggle to protect their infrastructures. At the same time, it is important to note that not all attacks are same in terms of their likelihood of occurrence and impact. Hence, it is important to rank the various attacks and perform scenario analysis to have an objective decision on security countermeasures. In this paper, we make a comprehensive security risk analysis of AMI, both qualitatively and quantitatively. Qualitative analysis is performed by ranking the attacks in terms of sensitivity and criticality. Quantitative analysis is done by arranging the attacks as an attack tree and performing Bayesian analysis. Typically, state-of–the-art quantitative security risk analysis suffers from data scarcity. We acknowledge the aforementioned problem and circumvent it by using standard vulnerability database. Different from state-of-the-art surveys on the subject, which captures the big picture, our work is geared to is provide the prioritized baselines in addressing most common and damaging attacks.
Authored by Rajesh Kumar, Ishan Rai, Krish Vora, Mithil Shah
Intrusion detection is important in the defense in depth network security framework and a hot topic in computer network security in recent years. In this paper, an effective method for anomaly intrusion detection with low overhead and high efficiency is presented and applied to monitor the abnormal behavior of processes. The method is based on rough set theory and capable of extracting a set of detection rules with the minimum size to form a normal behavior model from the record of system call sequences generated during the normal execution of a process. Based on the network security knowledge base system, this paper proposes an intrusion detection model based on the network security knowledge base system, including data filtering, attack attempt analysis and situation assessment engine. In this model, evolutionary self organizing mapping is used to discover multi - target attacks of the same origin; The association rules obtained by time series analysis method are used to correlate online alarm events to identify complex attacks scattered in time; Finally, the corresponding evaluation indexes and corresponding quantitative evaluation methods are given for host level and LAN system level threats respectively. Compared with the existing IDS, this model has a more complete structure, richer knowledge available, and can more easily find cooperative attacks and effectively reduce the false positive rate.
Authored by Songjie Gong
In recent times, the research looks into the measures taken by financial institutions to secure their systems and reduce the likelihood of attacks. The study results indicate that all cultures are undergoing a digital transformation at the present time. The dawn of the Internet ushered in an era of increased sophistication in many fields. There has been a gradual but steady shift in attitude toward digital and networked computers in the business world over the past few years. Financial organizations are increasingly vulnerable to external cyberattacks due to the ease of usage and positive effects. They are also susceptible to attacks from within their own organisation. In this paper, we develop a machine learning based quantitative risk assessment model that effectively assess and minimises this risk. Quantitative risk calculation is used since it is the best way for calculating network risk. According to the study, a network s vulnerability is proportional to the number of times its threats have been exploited and the amount of damage they have caused. The simulation is used to test the model s efficacy, and the results show that the model detects threats more effectively than the other methods.
Authored by Lavanya M, Mangayarkarasi S
The growth of Electric Vehicles (EVs), coupled with the deployment of large-scale extreme fast charging stations (XFCSs), has increased the attack surface for EV ecosystems. To secure such critical cyber-physical systems (CPSs), it is imperative for the system defenders to perform an in-depth analysis of potential attack vectors, evaluate possible countermeasures, and analyze attack-defense scenarios quantitatively to implement a defense strategy that will provide maximum utilization of their limited resources. Therefore, a systematic framework is essential, relying on modeling tools that security experts are familiar with. In this paper, we propose a comprehensive methodology for enabling the defender to perform a high-level attack surface analysis of an XFCS and determine the defense strategy with the highest utility value. We apply STRIDE threat modeling and attack defense tree (ADT) to enumerate realizable attack paths and identify possible defense measures. We then employ analytic hierarchy process (AHP) as a multi-criteria decisionmaking algorithm to obtain the highest utility strategy for the defender to adopt. The proposed methodology is validated by demonstrating its real-world feasibility through a case study, using sample attack paths for an XFCS.
Authored by Souradeep Bhattacharya, Manimaran Govindarasu, Mansi Girdhar, Junho Hong
Recently, Graphical Security Models (GrSMs) became widely used for security analysis. The basic formalism called Attack Tree (AT) has been augmented with new attributes covering defence, response, and countermeasure aspects to support security modelling and analysis in vulnerable systems. Although the models have strength in visualising and analysing small attack-defence scenarios, these suffer from lack of scalability when increasing nodes and adaptability with other refinement models to show the dynamic nature and state of systems in interest. In this work, Coloured Petri net (CPN) is used to fulfil the mentioned shortcomings in GrSMs (specifically Treebased models). It is applied for evaluating each component´s interactions, the impact of threats as well as defence systems to mitigate those threats. For that end and pointing out the CPN adaptability with GrSMs, a set of mapping rules are proposed allowing translation of ATs extension into CPN and their analysis. The quantitative analysis aspect is addressed in this work by introducing computing transition. We validate our proposed approach by applying it in an example of SCADA systems cybersecurity analysis.
Authored by Shabnam Pasandideh, Pedro Pereira, Luis Gomes
Cybersecurity risk analysis is crucial for orga-nizations to assess, identify, and prioritize possible threats to their systems and assets. Organizations aim to estimate the loss cost in case cybersecurity risks occur to decide the control actions they should invest in. Quantitative risk analysis aids organizations in making well-informed decisions about risk mitigation strategies and resource allocation. Therefore, organizations must use quantitative risk analysis methods to identify and prioritize risks rather than relying on qualitative methods. This paper proposes a spreadsheet-based quantitative risk analysis method based on verbal likelihoods. Our approach relies on tables constructed by experts that map between linguistic likelihood and possible probability ranges. Using linguistic terms to estimate the probability of risk occurrence will help experts apply quantitative estimation easily by using common language as input, thus eliminating the need to assign precise probabilities. We experimented with real examples to validate our approach s accuracy and reliability and compared our results with those obtained from another method. Also, we conducted tests to measure our model s performance and robustness. Our study showcases the effectiveness of our approach and demonstrates its potential for risk analysts to use it in real-world applications.
Authored by Karim Elhammady, Sebastian Fischmeister
Security still remains an afterthought in modern Electronic Design Automation (EDA) tools, which solely focus on enhancing performance and reducing the chip size. Typically, the security analysis is conducted by hand, leading to vulnerabilities in the design remaining unnoticed. Security-aware EDA tools assist the designer in the identification and removal of security threats while keeping performance and area in mind. Stateof-the-art approaches utilize information flow analysis to spot unintended information leakages in design structures. However, the classification of such threats is binary, resulting in negligible leakages being listed as well. A novel quantitative analysis allows the application of a metric to determine a numeric value for a leakage. Nonetheless, current approximations to quantify the leakage are still prone to overlooking leakages. The mathematical model 2D-QModel introduced in this work aims to overcome this shortcoming. Additionally, as previous work only includes a limited threat model, multiple threat models can be applied using the provided approach. Open-source benchmarks are used to show the capabilities of 2D-QModel to identify hardware Trojans in the design while ignoring insignificant leakages.
Authored by Lennart Reimann, Sarp Erdönmez, Dominik Sisejkovic, Rainer Leupers
In this paper, an air Air target threat assessment method based on a variable weight cloud Bayesian network (VWCBN) is proposed, which addresses the qualitative issue of air target threat levels, as most of the existing threat assessment results in focus on quantitative analysis. The proposed method enables high, medium, and low qualitative decision-making for air target threat levels. Firstly, a Bayesian network model that incorporates the attribute of air threat is constructed, assessing the threat level of air targets. Secondly, the cloud model is introduced to the Bayesian network, using it to represent the probability of correlation between nodes in the network. Then, by combining the battlefield situation information, using an improved variable weight method with Gaussian expression, the weights of target attributes are determined. Finally, based on the correlation probability and target attribute weight, the cloud model operation rules are utilized to obtain the decision of the air target threat level. Simulation results demonstrate that the proposed VWCBN method can effectively assess target threats, obtain air target threat level decisions, and further improve the utilization of battlefield information.
Authored by Lin Zhou, Junfang Leng, Meng Zhang, Zheng Zhao, Yongjing Huo, Jiawei Wu
The growth of Electric Vehicles (EVs), coupled with the deployment of large-scale extreme fast charging stations (XFCSs), has increased the attack surface for EV ecosystems. To secure such critical cyber-physical systems (CPSs), it is imperative for the system defenders to perform an in-depth analysis of potential attack vectors, evaluate possible countermeasures, and analyze attack-defense scenarios quantitatively to implement a defense strategy that will provide maximum utilization of their limited resources. Therefore, a systematic framework is essential, relying on modeling tools that security experts are familiar with. In this paper, we propose a comprehensive methodology for enabling the defender to perform a high-level attack surface analysis of an XFCS and determine the defense strategy with the highest utility value. We apply STRIDE threat modeling and attack defense tree (ADT) to enumerate realizable attack paths and identify possible defense measures. We then employ analytic hierarchy process (AHP) as a multi-criteria decisionmaking algorithm to obtain the highest utility strategy for the defender to adopt. The proposed methodology is validated by demonstrating its real-world feasibility through a case study, using sample attack paths for an XFCS.
Authored by Souradeep Bhattacharya, Manimaran Govindarasu, Mansi Girdhar, Junho Hong
The perception of security when consumers use the m-fintech payment application impacts satisfaction and continuance intention. However, data security threats and legal breaches have made consumers skeptical about the continuance of m-fintech payments. Therefore, this study aims to analyze the perceived security factor as a form of consumer satisfaction and the desire to continue using it with the support of confirmation behavior. This study uses a quantitative method by surveying 357 m-fintech payment users in Jabodetabek. All collected data has been processed, cleaned, and analyzed utilizing variance-based Structural Equation Modeling statistics. The research finding has proven that all hypotheses are accepted. Perceived security significantly affects confirmation, satisfaction, and continuance intention. A confirmation significantly affects satisfaction, and satisfaction significantly affects the continuance intention of mfintech payment. The originality of this research measures perceived security formatively. The conclusions of this analysis serve as information for the digital central currency bank (CDBC) development plan based on the security level.
Authored by Ridho Ikhsan, Yudi Fernando, Vini Mariani, Anderes Gui, Ahmad Fakhrorazi, Ika Wahyuni-TD
The growth of Electric Vehicles (EVs), coupled with the deployment of large-scale extreme fast charging stations (XFCSs), has increased the attack surface for EV ecosystems. To secure such critical cyber-physical systems (CPSs), it is imperative for the system defenders to perform an in-depth analysis of potential attack vectors, evaluate possible countermeasures, and analyze attack-defense scenarios quantitatively to implement a defense strategy that will provide maximum utilization of their limited resources. Therefore, a systematic framework is essential, relying on modeling tools that security experts are familiar with. In this paper, we propose a comprehensive methodology for enabling the defender to perform a high-level attack surface analysis of an XFCS and determine the defense strategy with the highest utility value. We apply STRIDE threat modeling and attack defense tree (ADT) to enumerate realizable attack paths and identify possible defense measures. We then employ analytic hierarchy process (AHP) as a multi-criteria decisionmaking algorithm to obtain the highest utility strategy for the defender to adopt. The proposed methodology is validated by demonstrating its real-world feasibility through a case study, using sample attack paths for an XFCS.
Authored by Souradeep Bhattacharya, Manimaran Govindarasu, Mansi Girdhar, Junho Hong
Online loan is viewed as an alternative to banking but easier and provide direct connection between public and loan offerer. However, online security threats and scam are undermining the quality of online loan. This study aims to determine how the public views their privacy while using online loan applications, perceived risk, perceived security, and qualities on intention to apply online loan. In order to examine the intention, a quantitative survey method was adopted and survey questionnaire was sent to the public who had experienced and apply for online loan applications. 153 responses were received and analysed using IBM SPSS version 28 for demographic analysis and SmartPLS 4 for model and structural measurements. Results show that perceived security, service quality and system quality were not critical to the respondents when choosing online loan applications while perceived risk, information sharing, and privacy concern were critical. This study shows that general public believed that security and quality are part of the package when organization offered a product or service. Interestingly, while privacy, risk, and information are important, public felt that it is the duty of organization to take care of their interests. Future research should look into behavioural aspects of public risk, information sharing, and privacy concern to understand in-depth.
Authored by Natanael Kurniawan, Jacques, Muammar Tohepaly, Anderes Gui, Muhammad Shaharudin, Yuvaraj Ganesan
The escalating visibility of secure direct object reference (IDOR) vulnerabilities in API security, as indicated in ⁠ the compilation of OWASP Top 10 API Security Risks, highlights a noteworthy peril to sensitive data. This study explores IDOR vulnerabilities found within Android APIs, intending to clarify their inception while evaluating their implications for application security. This study combined the qualitative and quantitative approaches. Insights were obtained from an actual penetration test on an Android app into the ⁠ primary reasons for IDOR vulnerabilities, underscoring insufficient input validation and weak authorization methods. We stress the frequent occurrence of IDOR vulnerabilities in the OWASP Top 10 API ⁠ vulnerability list, highlighting the necessity to prioritize them in security evaluations. There are mitigation recommendations available for developers, which recognize its limitations involving a possibly small and homogeneous selection ⁠ of tested Android applications, the testing environment that could cause some inaccuracies, and the impact of time constraints. Additionally, the study noted insufficient threat modeling and root ⁠ cause analysis, affecting its generalizability and real-world relevance. However, comprehending and controlling IDOR dangers can enhance Android API ⁠ security, protect user data, and bolster application resilience.
Authored by Semi Yulianto, Roni Abdullah, Benfano Soewito
Risk assessors and managers face many difficult challenges related to the new network system. These challenges include the continuous changes in the nature of network systems caused by technological progress, their distribution in the fields of physics, information and social cognition, and the complex network structure that usually includes thousands of nodes. Here, we review the probability and risk-based decision technology applied to network systems, and conclude that the existing methods can not solve all the components of the risk assessment triad (threat, vulnerability, consequence), and lack the ability to integrate across multiple areas of network systems, thus providing guidance for enhancing network security. We propose a cloud native security chain architecture and network topology reconstruction technology link based on the full link of microservices. The network security performance is quantified by multi-layer filtering mechanism and setting different fitness index functions. The method proposed in this paper solves the problems of packet loss, load balancing and distributed delay of network security mechanism in the global network to a certain extent.
Authored by Shuo Sheng, Kun Che, Ang Mi, Xiaobo Wan
Package registries host reusable code assets, allowing developers to share and reuse packages easily, thus accelerating the software development process. Current software registry ecosystems involve multiple independent stakeholders for package management. Unfortunately, abnormal behavior and information inconsistency inevitably exist, enabling adversaries to conduct malicious activities with minimal effort covertly. In this paper, we investigate potential security vulnerabilities in six popular software registry ecosystems. Through a systematic analysis of the official registries, corresponding registry mirrors and registry clients, we identify twelve potential attack vectors, with six of them disclosed for the first time, that can be exploited to distribute malicious code stealthily. Based on these security issues, we build an analysis framework, RScouter, to continuously monitor and uncover vulnerabilities in registry ecosystems. We then utilize RScouter to conduct a measurement study spanning one year over six registries and seventeen popular mirrors, scrutinizing over 4 million packages across 53 million package versions. Our quantitative analysis demonstrates that multiple threats exist in every ecosystem, and some have been exploited by attackers. We have duly reported the identified vulnerabilities to related stakeholders and received positive responses.
Authored by Yacong Gu, Lingyun Ying, Yingyuan Pu, Xiao Hu, Huajun Chai, Ruimin Wang, Xing Gao, Haixin Duan
Security system designers favor worst-case security metrics, such as those derived from differential privacy (DP), due to the strong guarantees they provide. On the downside, these guarantees result in a high penalty on the system’s performance. In this paper, we study Bayes security, a security metric inspired by the cryptographic advantage. Similarly to DP, Bayes security i) is independent of an adversary’s prior knowledge, ii) it captures the worst-case scenario for the two most vulnerable secrets (e.g., data records); and iii) it is easy to compose, facilitating security analyses. Additionally, Bayes security iv) can be consistently estimated in a black-box manner, contrary to DP, which is useful when a formal analysis is not feasible; and v) provides a better utility-security trade-off in high-security regimes because it quantifies the risk for a specific threat model as opposed to threat-agnostic metrics such as DP.
Authored by Konstantinos Chatzikokolakis, Giovanni Cherubin, Catuscia Palamidessi, Carmela Troncoso