Publications

Publications associated with the CDIS research projects.

2026

Grosse, L., Saeidian, S., Oechtering, T. J., & Skoglund, M. (2026). Privacy Mechanism Design Based on Empirical Distributions. Accepted for presentation at the 39th IEEE Computer Security Foundations Symposium (CSF).

Jendral, S., & Dubrova, E. (2026). Side-Channel Attacks on VOLEitH Signature Schemes: Breaking Masked FAEST. Manuscript submitted to IACR Communications in Cryptology.

Jendral, S., Dubrova, E., Guo, Q., & Johansson, T. (2026). Correction Fault Attack on CROSS under Unknown Bit Flips. Manuscript submitted to IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES).

Saeidian, S., Yavuzyılmaz, A., Grosse, L., Schuppe, G., & Oechtering, T. J. (in press). A Tight Context-Aware Privacy Bound for Histogram Publication. Accepted for publication in IEEE Signal Processing Letters.

2025

Andersson, V., Bobadilla, S., Hobbelhagen, H., & Monperrus, M. (2025). PoCo: Agentic Proof-of-Concept Exploit Generation for Smart Contracts. Manuscript submitted to ACM Transactions on Software Engineering and Methodology (TOSEM).

Andreasson, A., & Lindquist, S. (2025). Envisioning cyber situation awareness through participatory video-prototyping. In Proceedings of the 22nd ISCRAM Conference (Halifax, Canada, May 2025).

Andreasson, A., Artman, H., Brynielsson, J., & Franke, U. (2025). Four personas in search of cyber situation awareness (preprint).

Birgersson, M., Artho, C., & Balliu, M. (2025). Trust and Verify: Formally Verified and Upgradable Trusted Functions. In Proceedings of ICSME 2025.

Dubrova, E. (2025). Solving AES-SAT using side-channel hints: A practical assessment. IACR Cryptology ePrint Archive (preprint).

Ekerå, M., & Gärtner, J. (2025). A high-level comparison of state-of-the-art quantum algorithms for breaking asymmetric cryptography. IACR Communications in Cryptology, 2(1), 1–36.

Engström, V., Nebbione, G., & Ekstedt, M. (2025). Modeling and Simulating Cyberattacks with the Dynamic Meta Attack Language. Manuscript submitted to Computers & Security.

Fernandez, L., & Karlsson, G. (2025). Measuring the Impact of Fuzzing Activity in Networking Software. In Proceedings of the 40th ACM/SIGAPP Symposium on Applied Computing (SAC ’25) (pp. 1–3). doi.org/10.1145/3672608.3707730

Grosse, L., Saeidian, S., Oechtering, T. J., & Skoglund, M. (2025). Bounds on the Privacy Amplification of Arbitrary Channels via the Contraction of fα-Divergence. Accepted at the 61st Allerton Conference on Communication, Control and Computing.

Gärtner, J. (2025). Compact Lattice Signatures via Rejection Sampling. In Proceedings of CRYPTO 2025 (best paper).

Gärtner, J. (2025). Improved rejection sampling for compact lattice signatures (preprint).

Ji, Y., Dubrova, E., & Wang, R. (2025). Is your Bluetooth chip leaking secrets via RF signals? Preprint.

Jendral, S., & Dubrova, E. (2025). Fault Attacks on VOLEitH Signature Schemes. IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES).

Jendral, S., & Dubrova, E. (2025). Single-trace Side-Channel Attacks on MAYO Exploiting Leaky Modular Multiplication.

Karlsson, H., & Guanciale, R. (2025). Partitioning Kernel with Capability-Controlled Temporal and Spatial Partitioning. Accepted at RTSS 2025.

Lavebrink, S., Brynielsson, J., Cohen, M., Kamrani, F., Limér, C., Lindström, M., & Vangeli, M. (2025). Strategic Steering of Large Language Models via Game-Theoretic Action Space Optimization. In Proceedings of ASONAM 2025. Springer.

Le, H., & Stadler, R. (2025). Learning Optimal Defender Strategies for CAGE-2 Using a POMDP Model. In Proceedings of CNSM 2025.

Lindström, M., Brynielsson, J., Cohen, M., Kamrani, F., Lavebrink, S., Limér, C., & Vangeli, M. (2025). Outsmarting Willful-Thinking Opponents: Bayesian Belief Revision for Adversarial Reasoning in Large Language Models. In Proceedings of ASONAM 2025. Springer. (Best paper award.)

Nyberg, J., & Johnson, P. (2025). Vejde: A Framework for Inductive Deep Reinforcement Learning Based on Factor Graph Color Refinement. Manuscript submitted to TMLR.

Saeidian, S., Cervia, G., Oechtering, T. J., & Skoglund, M. (2025). Rethinking Disclosure Prevention with Pointwise Maximal Leakage. Journal of Privacy and Confidentiality, 15(1).

Backman, S., & Stevens, T. (forthcoming). Cyber risk logics and their implications for cybersecurity. Forthcoming in special issue of International Affairs.

2024

Andreasson, A., Artman, H., Brynielsson, J., & Franke, U. (2024). Cybersecurity work at Swedish administrative authorities: Taking action or waiting for approval. Cognition, Technology & Work, 26(4), 709–731. doi.org/10.1007/s10111-024-00779-1

Balliu, M. (2024). Unveiling the Invisible: Detection and Evaluation of Prototype Pollution Gadgets with Dynamic Taint Analysis. In Proceedings of the ACM Web Conference 2024. doi.org/10.1145/3589334.3645579

Cornelissen, E., Shcherbakov, M., & Balliu, M. (2024). GHunter: Universal Prototype Pollution Gadgets in JavaScript Runtimes. In Proceedings of the 33rd USENIX Security Symposium (USENIX Security 24).

Engström, V., Nebbione, G., & Ekstedt, M. (2024). A Metalanguage for Dynamic Attack Graphs and Lazy Generation. In Proceedings of ARES ’24 (Article 31, pp. 1–11). doi.org/10.1145/3664476.3664508

Hammar, K. (2024). Optimal security response to network intrusions in IT systems (Doctoral dissertation, KTH Royal Institute of Technology, Stockholm, Sweden). TRITA-EECS-AVL-2024:85; ISBN 978-91-8106-093-5.

Hammar, K., & Stadler, R. (2024). Intrusion Tolerance for Networked Systems through Two-Level Feedback Control. In Proceedings of the 54th IEEE/IFIP International Conference on Dependable Systems and Networks (DSN 2024), 338–352. doi.org/10.1109/DSN58291.2024.00042

Hammar, K., Dhir, N., & Stadler, R. (2024). Optimal Defender Strategies for CAGE-2 Using Causal Modeling and Tree Search. Manuscript submitted to IEEE Transactions on Dependable and Secure Computing (TDSC). Preprint: arxiv.org/abs/2407.11070

Hammar, K., Li, T., Stadler, R., & Zhu, Q. (2024). Automated Security Response through Online Learning with Adaptive Conjectures. Manuscript submitted to IEEE Transactions on Information Forensics and Security (TIFS). Preprint: arxiv.org/abs/2402.12499

Jendral, S., Mattsson, J., & Dubrova, E. (2024). A Single-Trace Fault Injection Attack on Hedged Module Lattice Digital Signature Algorithm (ML-DSA). In Proceedings of the Fault Diagnosis and Tolerance in Cryptography Workshop (Sept. 2024).

Jendral, S., Ngo, K., Wang, R., & Dubrova, E. (2024). Breaking SCA-Protected CRYSTALS-Kyber with a Single Trace. In Proceedings of IEEE HOST 2024. eprint.iacr.org/2023/1587.pdf

Kanellopoulos, A., Mavridis, C., Thobaben, R., & Johansson, K. H. (2024). A Moving Target Defense Mechanism Based on Spatial Unpredictability for Wireless Communication. In Proceedings of ECC 2024. doi.org/10.23919/ECC64448.2024.10590962

Karlsson, H. A. (2024). Minimal Partitioning Kernel with Time Protection and Predictability. In 2024 IEEE European Symposium on Security and Privacy Workshops (EuroS&PW), 234–241. doi.org/10.1109/EuroSPW61312.2024.00031

Marinaro, T., Buiras, P., Lindner, A., Guanciale, R., & Nemati, H. (2024). Beyond Over-Protection: A Targeted Approach to Spectre Mitigation and Performance Optimization. In Proceedings of AsiaCCS ’24. doi.org/10.1145/3634737.3637651

Monperrus, M., et al. (2024). Highly Available Blockchain Nodes With N-Version Design. IEEE Transactions on Dependable and Secure Computing, 21(4), 4084–4097. doi.org/10.1109/TDSC.2023.3346195

Monperrus, M., et al. (2024). BUMP: A Benchmark of Reproducible Breaking Dependency Updates. In Proceedings of IEEE SANER 2024, 159–170. doi.org/10.1109/SANER60148.2024.00024

Nyberg, J., & Johnson, P. (2024). Structural Generalization in Autonomous Cyber Incident Response with Message-Passing Neural Networks and Reinforcement Learning. In 2024 IEEE International Conference on Cyber Security and Resilience (CSR), 282–289. doi.org/10.1109/CSR61664.2024.10679456

Umsonst, D., Saritas, S., Dán, G., & Sandberg, H. (2024). A Bayesian Nash Equilibrium-Based Moving Target Defense Against Stealthy Sensor Attacks. IEEE Transactions on Automatic Control, 69(3), 1659–1674. doi.org/10.1109/TAC.2023.3328754

Wang, R., Ngo, K., Gärtner, J., & Dubrova, E. (2024). Unpacking needs protection: A single-trace secret-key recovery attack on Dilithium. IACR Communications in Cryptology, 1(3), 1–26. doi.org/10.62056/a0fh89n4e

Birgersson, M., Balliu, M., & Artho, C. (2024). Sharing without Showing: Secure Cloud Analytics with Trusted Execution Environments. In Proceedings of IEEE SecDev 2024.

2023

Backlund, L., Ngo, K., Gärtner, J., & Dubrova, E. (2023). Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber. In Applied Cryptography and Network Security Workshops (ACNS 2023) (LNCS 13907). doi.org/10.1007/978-3-031-41181-6_9

Brisfors, M., Moraitis, M., Landin, G. K., & Jilborg, T. (2023). Attacking and Securing the Clock Randomization and Duplication Side-Channel Attack Countermeasure. In Foundations and Practice of Security (FPS 2023) (LNCS 14551). doi.org/10.1007/978-3-031-57537-2_23

Dubrova, E., Ngo, K., Gärtner, J., & Wang, R. (2023). Breaking a Fifth-Order Masked Implementation of CRYSTALS-Kyber by Copy-Paste. In Proceedings of the 10th ACM Asia Public-Key Cryptography Workshop (APKC ’23) (pp. 10–20). doi.org/10.1145/3591866.3593072

Engström, V., Johnson, P., Lagerström, R., Ringdahl, E., & Wällstedt, M. (2023). Automated Security Assessments of Amazon Web Service Environments. ACM Transactions on Privacy and Security, 26(2), 1–31. doi.org/10.1145/3570903

Fernandez, L., & Karlsson, G. (2023). Black-box Fuzzing for Security in Managed Networks: An Outline. IEEE Networking Letters. doi.org/10.1109/LNET.2023.3286443

Fernandez, L., & Karlsson, G. (2023). Squashing Resource Exhaustion Bugs with Black-box Fuzzing and Reinforcement Learning. In Proceedings of the 7th International Conference on System Reliability and Safety (ICSRS 2023), 439–448. doi.org/10.1109/ICSRS59833.2023.10381445

Gärtner, J. (2023). NTWE: A Natural Combination of NTRU and LWE. In PQCrypto 2023 (LNCS 14154). doi.org/10.1007/978-3-031-40003-2_12

Gärtner, J. (2023). Concrete Security from Worst-Case to Average-Case Lattice Reductions. In AFRICACRYPT 2023 (LNCS 14064). doi.org/10.1007/978-3-031-37679-5_15

Hammar, K., & Stadler, R. (2023). Scalable Learning of Intrusion Response Through Recursive Decomposition. In GameSec 2023 (LNCS 14167). doi.org/10.1007/978-3-031-50670-3_9

Hammar, K., & Stadler, R. (2023). Learning Near-Optimal Intrusion Responses Against Dynamic Attackers. IEEE Transactions on Network and Service Management. doi.org/10.1109/TNSM.2023.3293413

Hammar, K., & Stadler, R. (2023). Digital Twins for Security Automation. In Proceedings of NOMS 2023, 1–6. doi.org/10.1109/NOMS56928.2023.10154288

Moraitis, M., Brisfors, M., Dubrova, E., Lindskog, N., & Englund, H. (2023). A side-channel resistant implementation of AES combining clock randomization with duplication. In Proceedings of IEEE ISCAS 2023, 1–5. doi.org/10.1109/ISCAS46773.2023.10181621

Moraitis, M., Ji, Y., Brisfors, M., Dubrova, E., Lindskog, N., & Englund, H. (2023). Securing CRYSTALS-Kyber in FPGA Using Duplication and Clock Randomization. IEEE Design & Test, 41(5), 7–16. doi.org/10.1109/MDAT.2023.3298805

Nyberg, J., & Johnson, P. (2023). Learning Automated Defense Strategies Using Graph-Based Cyber Attack Simulations. In Workshop on Security Operation Center Operations and Construction (WOSOC) 2023, 1–8. doi.org/10.14722/wosoc.2023.23006

Wang, R., Ngo, K., Gärtner, J., & Dubrova, E. (2023). Single-Trace Side-Channel Attacks on CRYSTALS-Dilithium: Myth or Reality? IACR Cryptology ePrint Archive, Report 2023/1931.

2022

Brisfors, M., Moraitis, M., & Dubrova, E. (2022). Do not rely on clock randomization: A side-channel attack on a protected hardware implementation of AES. In Proceedings of FPS 2022 (Ottawa, Canada).

Engström, V., & Lagerström, R. (2022). Two decades of cyberattack simulations: A systematic literature review. Computers & Security, 116, 102681. doi.org/10.1016/j.cose.2022.102681

Franke, U., Andreasson, A., Artman, H., Brynielsson, J., Varga, S., & Vilhelm, N. (2022). Cyber situational awareness issues and challenges. In Cybersecurity and Cognitive Science (pp. 235–265). doi.org/10.1016/B978-0-323-90570-1.00015-2

Hammar, K., & Stadler, R. (2022). An Online Framework for Adapting Security Policies in Dynamic IT Environments. In Proceedings of CNSM 2022, 359–363. doi.org/10.23919/CNSM55787.2022.9964838

Hammar, K., & Stadler, R. (2022). A System for Interactive Examination of Learned Security Policies. In Proceedings of NOMS 2022, 1–3. doi.org/10.1109/NOMS54207.2022.9789707

Hammar, K., & Stadler, R. (2022). Intrusion Prevention through Optimal Stopping. IEEE Transactions on Network and Service Management. doi.org/10.1109/TNSM.2022.3176781

Hammar, K., & Stadler, R. (2022). Learning Security Strategies through Game Play and Optimal Stopping. In ICML ML4Cyber Workshop 2022. Preprint: arXiv:2205.14694

Ngo, K., & Dubrova, E. (2022). Side-Channel Analysis of the Random Number Generator in STM32 MCUs. In Proceedings of GLSVLSI 2022. doi.org/10.1145/3526241.3530324

Ngo, K., Wang, R., Dubrova, E., & Paulsrud, N. (2022). Side-channel attacks on lattice-based KEMs are not prevented by higher-order masking. IACR Cryptology ePrint Archive (technical report).

Wang, R., Ngo, K., & Dubrova, E. (2022). A message recovery attack on LWE/LWR-based PKE/KEMs using amplitude modulated EM emanations. In Proceedings of the International Conference on Information Security and Cryptology.

Wang, R., Ngo, K., & Dubrova, E. (2022). Side-channel analysis of Saber KEM using amplitude-modulated EM emanations. In Proceedings of the Euromicro Conference on Digital System Design 2022.

Wang, R., Ngo, K., & Dubrova, E. (2022). Making biased DL models work: Message and key recovery attacks on Saber using amplitude-modulated EM emanations. IACR Cryptology ePrint Archive (technical report).

Nyberg, J., Johnson, P., & Méhes, A. (2022). Cyber threat response using reinforcement learning in graph-based attack simulations. In Proceedings of NOMS 2022, 1–4. doi.org/10.1109/NOMS54207.2022.9789835

2021

Andreasson, A., Artman, H., Brynielsson, J., & Franke, U. (2021). A census of Swedish public sector employee communication on cybersecurity during the COVID-19 pandemic. In Proceedings of CyberSA 2021, 1–8. doi.org/10.1109/CyberSA52016.2021.9478241

Birgersson, M., Artho, C., & Musard, M. (2021). Security-Aware Multi-User Architecture for IoT. In Proceedings of IEEE QRS 2021. urn:nbn:se:kth:diva-305259

Grenfeldt, M., Olofsson, A., Engström, V., & Lagerström, R. (2021). Attacking Websites Using HTTP Request Smuggling: Empirical Testing of Servers and Proxies. In Proceedings of EDOC 2021, 173–181. doi.org/10.1109/EDOC52215.2021.00028

Hammar, K., & Stadler, R. (2021). Learning Intrusion Prevention Policies through Optimal Stopping. In Proceedings of CNSM 2021, 509–517. doi.org/10.23919/CNSM52442.2021.9615542

Ngo, K., Dubrova, E., & Johansson, T. (2021). Breaking masked and shuffled CCA secure Saber KEM by power analysis. In Proceedings of ASHES 2021. doi.org/10.1145/3474376.3487277

Ngo, K., Dubrova, E., Guo, Q., & Johansson, T. (2021). A Side-Channel Attack on a Masked IND-CCA Secure Saber KEM Implementation. IACR Transactions on Cryptographic Hardware and Embedded Systems (TCHES), 2021(4), 676–707. doi.org/10.46586/tches.v2021.i4.676-707

2020

Andreasson, A., Artman, H., Brynielsson, J., & Franke, U. (2020). A census of Swedish government administrative authority employee communications on cybersecurity during the COVID-19 pandemic. In Proceedings of ASONAM 2020, 727–733. doi.org/10.1109/ASONAM49781.2020.9381324

Hammar, K., & Stadler, R. (2020). Finding Effective Security Strategies through Reinforcement Learning and Self-Play. In Proceedings of CNSM 2020, 1–9. doi.org/10.23919/CNSM50824.2020.9269092