Scalable Attack Path Finding for Increased Security
Tom Gonda, Rami Puzis, and Bracha Shapira International Conference on Cyber Security Cryptography and Machine Learning (CSCML), 2017, 234-249 Link to document Software vulnerabilities can be leveraged by attackers to gain control of a host. Attackers can then use the controlled hosts as stepping stones for compromising other hosts until they create a path to […]
CRADLE: An Online Plan Recognition Algorithm for Exploratory Domains
In collaboration with Paulson School of Engineering and Applied Sciences, Harvard University Reuth Mirsky, Ya’akov Gal, Stuart Shieber ACM Transactions on Intelligent Systems and Technology 8 (3), 2017, 45 Link to document In exploratory domains, agents’ behaviors include switching between activities, extraneous actions, and mistakes.Such settings are prevalent in real world applications such as interaction […]
Shortest path for K-Goals
In collaboration with The Jerusalem College of Technology Roni Stern, Meir Goldenberg, Ariel Felner SoCS-2017 short paper Link to document The k-goal problem is a generalization of the ShortestPath Problem (SPP) in which the task is to solve k SPP problems,such that all the problems share the same start vertex.kGP was introduced to the heuristic […]
Session Analysis using Plan Recognition
In collaboration with PayPal Reuth Mirsky, Kobi Gal and David Tolpin Interfaces and Scheduling and Planning (UISP) ICAPS (2017) Link to document This paper presents preliminary results of our workwith a major financial company, where we try to usemethods of plan recognition in order to investigate theinteractions of a costumer with the company’s onlineinterface. In this […]
Advanced Flow Models for Computing the Reputation of Internet Domains
In collaboration with Sapir Academic College, Ashkelon, Israel Hussien Othman, Ehud Gudes, Nurit Gal-Oz IFIPTM 2017: 119-134 Link to document The Domain Name System (DNS) is an essential component of the Internet infrastructure that translates domain names into IP addresses. Recent incidents verify the enormous damage of malicious activities utilizing DNS such as bots that […]
Cryptographically Enforced Role-Based Access Control for NoSQL Distributed Databases
Yossif Shalabi, Ehud Gudes DBSec 2017: 3-19 Link to document The support for Role-Based Access Control (RBAC) using cryptography for NOSQL distributed databases is investigated. Cassandra is a NoSQL DBMS that efficiently supports very large databases, but provides rather simple security measures (an agent having physical access to a Cassandra cluster is usually assumed to […]
Brief Announcement: Privacy Preserving Mining of Distributed Data Using a Trusted and Partitioned Third Party
In collaboration with Dept. of Mathematics and Computer Science, The Open University, Raanana, Israel Nir Maoz, Ehud Gudes CSCML 2017: 193-195 Link to document We like to discuss the usability of new architecture of partitioned third party, offered in [1] for conducting a new protocols for data mining algorithms over shared data base between multiple […]
Crowdsourced Data Integrity Verification for Key-Value Stores in the Cloud
In collaboration with Dept. of Mathematics and Computer Science, The Open University, Raanana, Israel Grisha Weintraub, Ehud Gudes CCGrid 2017: 498-503 Link to document Abstract—Thanks to their high availability, scalability, andusability, cloud databases have become one of the dominantcloud services. However, since cloud users do not physicallypossess their data, data integrity may be at risk. […]
From Smashed Screens to Smashed Stacks: Attacking Mobile Phones using Malicious Aftermarket Parts
Shwartz, O., Shitrit, G., Shabtai, A., Oren, Y. Workshop on Security for Embedded and Mobile Systems (SEMS’17), Paris, France (April 30, 2017) Link to document In this preliminary study we present thefirst practical attack on a modern smartphone whichis mounted through a malicious aftermarket replacementpart (specifically, a replacement touchscreen).Our attack exploits the lax security checks […]
POSTER: Towards Exposing Internet of Things: A Roadmap
In collaboration with SUTD+ CSRC, Ben-Gurion University of the Negev Sachidananda, V., Toh, J., Siboni, S., Shabtai, A. and Elovici In Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security (pp. 1820-1822) (2016) Link to document Considering the exponential increase of Internet of Things(IoT) devices there is also unforeseen vulnerabilities associatedwith these […]
Let the Cat Out of the Bag: A Holistic Approach Towards Security Analysis of the Internet of Things
In collaboration with SUTD + CSRC, Ben-Gurion University of the Negev Sachidananda, V., Siboni, S., Shabtai, A., Toh, J., Bhairav, S. and Elovici, Y. In Proceedings of the 3rd ACM International Workshop on IoT Privacy, Trust, and Security (pp. 3-10) (2017) Link to document The exponential increase of Internet of Things (IoT) devices haveresulted in […]
Advanced security testbed framework for wearable IoT devices
In collaboration with Singapore University of Technology and Design, Singapore (SUTD) + Daegu Gyeongbuk Institute of Science and Technology, Daegu, South Korea (DGIST) Siboni, S., Shabtai, A., Tippenhauer, N.O., Lee, J. and Elovici, Y. ACM Transactions on Internet Technology (TOIT), 16(4), p.26 (2016) Link to document Analyzing the security of Wearable Internet-of-Things (WIoT) devices is […]