  • 101.
    Tiloca, Marco
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Seitz, Ludwig
    RISE, Swedish ICT, SICS.
    On Improving Resistance to Denial of Service and Key Provisioning Scalability of the DTLS Handshake. 2016. In: International Journal of Information Security, ISSN 1615-5262, E-ISSN 1615-5270, Vol. 16, no 2, p. 173-193. Article in journal (Refereed)
    Abstract [en]

    DTLS is a transport layer security protocol designed to provide secure communication over unreliable datagram protocols. Before starting to communicate, a DTLS client and server perform a specific handshake in order to establish a secure session and agree on a common security context. However, the DTLS handshake is affected by two relevant issues. First, the DTLS server is vulnerable to a specific Denial of Service (DoS) attack aimed at forcing the establishment of several half open sessions. This may exhaust memory and network resources on the server, so making it less responsive or even unavailable to legitimate clients. Second, although it is one of the most efficient key provisioning approaches adopted in DTLS, the pre-shared key provisioning mode does not scale well with the number of clients, it may result in scalability issues on the server side, and it complicates key re-provisioning in dynamic scenarios. This paper presents a single and efficient security architecture which addresses both issues, by substantially limiting the impact of DoS, and reducing the number of keys stored on the server side to one unit only. Our approach does not break the existing standard and does not require any additional message exchange between DTLS client and server. Our experimental results show that our approach requires a shorter amount of time to complete a handshake execution, and consistently reduces the time a DTLS server is exposed to a DoS instance. We also show that it considerably improves a DTLS server in terms of service availability and robustness against DoS attack.

  • 102.
    Tiloca, Marco
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Gehrmann, Christian
    RISE, Swedish ICT, SICS, Security Lab.
    Seitz, Ludwig
    RISE, Swedish ICT, SICS, Security Lab.
    Robust and Scalable DTLS Session Establishment. 2016. In: ERCIM News, ISSN 0926-4981, E-ISSN 1564-0094, p. 31-32. Article in journal (Refereed)
    Abstract [en]

    The Datagram Transport Layer Security (DTLS) protocol is highly vulnerable to a form of denial-of-service attack (DoS), aimed at establishing a high number of invalid, half-open, secure sessions. Moreover, even when the efficient pre-shared key provisioning mode is considered, the key storage on the server side scales poorly with the number of clients. SICS Swedish ICT has designed a security architecture that efficiently addresses both issues without breaking the current standard.

  • 103.
    Tiloca, Marco
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Nikitin, Kirill
    RISE, Swedish ICT, SICS.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Axiom - DTLS-based secure IoT group communication. 2017. In: ACM Transactions on Embedded Computing Systems, ISSN 1539-9087, E-ISSN 1558-3465, Vol. 16, no 3. Article in journal (Refereed)
    Abstract [en]

    This article presents Axiom, a DTLS-based approach to efficiently secure multicast group communication among IoT-constrained devices. Axiom provides an adaptation of the DTLS record layer, relies on key material commonly shared among the group members, and does not require one to perform any DTLS handshake. We made a proof-of-concept implementation of Axiom based on the tinyDTLS library for the Contiki OS and used it to experimentally evaluate performance of our approach on real IoT hardware. Results show that Axiom is affordable on resource-constrained platforms and performs significantly better than related alternative approaches.

  • 104.
    Tiloca, Marco
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Racciatti, Francesco
    University of Pisa, Italy.
    Dini, Gianluca
    University of Pisa, Italy.
    Simulative Evaluation of Security Attacks in Networked Critical Infrastructures. 2015. In: Computer Safety, Reliability, and Security, 2015, 7, Vol. 9338, p. 314-323. Conference paper (Refereed)
    Abstract [en]

    ICT is becoming a fundamental and pervasive component of critical infrastructures (CIs). Despite the advantages that it brings about, ICT also exposes CIs to a number of security attacks that can severely compromise human safety, service availability and business interests. Although it is vital to ensure an adequate level of security, it is practically infeasible to counteract all possible attacks to the maximum extent. Thus, it is important to understand attacks' impact and rank attacks according to their severity. We propose SEA++, a tool for simulative evaluation of attack impact based on the INET framework and the OMNeT++ platform. Rather than actually executing attacks, SEA++ reproduces their effects and allows to quantitatively evaluate their impact. The user describes attacks through a high-level description language and simulates their effects without any modification to the simulation platform. We show SEA++ capabilities referring to different attacks carried out against a traffic light system.

  • 105.
    Tiloca, Marco
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Stagkopoulou, Alexandra
    KTH Royal Institute of Technology, Sweden.
    Dini, Gianluca
    University of Pisa, Italy.
    Performance and Security Evaluation of SDN Networks in OMNeT++/INET. 2016. In: Proceedings of the 3rd OMNeT++ Community Summit, 2016, 14. Conference paper (Refereed)
    Abstract [en]

    Software Defined Networking (SDN) has been recently introduced as a new communication paradigm in computer networks. By separating the control plane from the data plane and entrusting packet forwarding to straightforward switches, SDN makes it possible to deploy and run networks which are more flexible to manage and easier to configure. This paper describes a set of extensions for the INET framework, which allow researchers and network designers to simulate SDN architectures and evaluate their performance and security at design time. Together with performance evaluation and design optimization of SDN networks, our extensions enable the simulation of SDN-based anomaly detection and mitigation techniques, as well as the quantitative evaluation of cyber-physical attacks and their impact on the network and application. This work is an ongoing research activity, and we plan to propose it for an official contribution to the INET framework.

  • 106.
    Trabalza, Daniele
    et al.
    RISE, Swedish ICT, SICS.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    INDIGO: Secure CoAP for Smartphones- Enabling E2E Secure Communication in the 6IoT. 2013. Conference paper (Refereed)
  • 107.
    Vahidi, Arash
    et al.
    RISE, Swedish ICT, SICS, Security Lab.
    Jämthagen, Christopher
    Lund University, Sweden.
    Secure RPC in embedded systems - Evaluation of some GlobalPlatform implementation alternatives. 2013. Conference paper (Refereed)
    Abstract [en]

    In secure computing systems, isolation between different components is normally the basis for security. However, absolute isolation is seldom desired nor practical. Often for the system to function, a secure communication channel between otherwise isolated components is also needed. In this work, we consider implementation of the secure RPC mechanism defined by the GlobalPlatform specification on top of some different isolation mechanisms. Furthermore, implementation details, performance and security will be discussed.

  • 108.
    Wallgren, Linus
    et al.
    RISE, Swedish ICT, SICS.
    Raza, Shahid
    RISE, Swedish ICT, SICS, Security Lab.
    Voigt, Thiemo
    RISE, Swedish ICT, SICS, Computer Systems Laboratory.
    Routing Attacks and Countermeasures in the RPL-based Internet of Things. 2013. In: International Journal of Distributed Sensor Networks, ISSN 1550-1329, E-ISSN 1550-1477. Article in journal (Refereed)
    Abstract [en]

    The Routing Protocol for Low-Power and Lossy Networks (RPL) is a novel routing protocol standardized for constrained environments such as 6LoWPAN networks. Providing security in IPv6/RPL connected 6LoWPANs is challenging because the devices are connected to the untrusted Internet, are resource constrained, the communication links are lossy, and the devices use a set of novel IoT technologies such as RPL, 6LoWPAN, and CoAP/CoAPs. In this paper we provide a comprehensive analysis of IoT technologies and their new security capabilities that can be exploited by attackers or IDSs. One of the major contributions in this paper is our implementation and demonstration of well-known routing attacks against 6LoWPAN networks running RPL as a routing protocol. We implement these attacks in the RPL implementation in the Contiki operating system and demonstrate these attacks in the Cooja simulator. Furthermore, we highlight novel security features in the IPv6 protocol and exemplify the use of these features for intrusion detection in the IoT, by implementing a lightweight heartbeat protocol.

  • 109.
    Wiklund, Kristian
    et al.
    Ericsson, Sweden.
    Eldh, Sigrid
    Ericsson, Sweden.
    Sundmark, Daniel
    RISE, Swedish ICT, SICS, Security Lab. Mälardalen University.
    Lundqvist, Kristina
    Mälardalen University, Sweden.
    Technical Debt in Test Automation. 2012. Conference paper (Refereed)
    Abstract [en]

    Automated test execution is one of the more popular and available strategies to minimize the cost for software testing, and is also becoming one of the central concepts in modern software development as methods such as test-driven development gain popularity. Published studies on test automation indicate that the maintenance and development of test automation tools commonly encounter problems due to unforeseen issues. To further investigate this, we performed a case study on a telecommunication subsystem to seek factors that contribute to inefficiencies in use, maintenance, and development of the automated testing performed within the scope of responsibility of a software design team. A qualitative evaluation of the findings indicates that the main areas of improvement in this case are in the fields of interaction design and general software design principles, as applied to test execution system development.

  • 110.
    Wiklund, Kristian
    et al.
    Sundmark, Daniel
    RISE, Swedish ICT, SICS. RISE, Swedish ICT, SICS, Security Lab.
    Eldh, Sigrid
    Lundqvist, Kristina
    Impediments in Agile Software Development: An Empirical Investigation. 2013. Conference paper (Refereed)
  • 111.
    Wnuk, Krzysztof
    et al.
    Blekinge Institute of Technology, Sweden.
    Borg, Markus
    RISE, Swedish ICT, SICS, Security Lab.
    Muhammad Sulaman, Sardar
    Lund University, Sweden.
    An Industrial Case Study on Measuring the Quality of the Requirements Scoping Process. 2016. In: Product-Focused Software Process Improvement / [ed] Pekka Abrahamsson, Andreas Jedlitschka, Anh Nguyen Duc, Michael Felderer, Sousuke Amasaki, Tommi Mikkonen, 2016, Vol. 10027, p. 487-494. Conference paper (Refereed)
    Abstract [en]

    Decision making and requirements scoping occupy central roles in helping to develop products that are demanded by the customers and ensuring company strategies are accurately realized in product scope. Many companies experience continuous and frequent scope changes and fluctuations but struggle to measure the phenomena and correlate the measurement to the quality of the requirements process. We present the results from an exploratory interview study among 22 participants working with requirements management processes at a large company that develops embedded systems for a global market. Our respondents shared their opinions about the current set of requirements management process metrics as well as what additional metrics they envisioned as useful. We present a set of metrics that describe the quality of the requirements scoping process. The findings provide practical insights that can be used as input when introducing new measurement programs for requirements management and decision making.
