Till innehåll på sidan
Centrum för cyberförsvar och informationssäkerhet

Publikationer

Publikationer i samband med CDIS forskningsprojekt.

2023

L. Backlund, K. Ngo, J. Gärtner, and E. Dubrova, "Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber". In: Zhou, J., et al. Applied Cryptography and Network Security Workshops. ACNS 2023. Lecture Notes in Computer Science, vol 13907. Springer, Cham, doi: 10.1007/978-3-031-41181-6_9

E. Dubrova, K. Ngo, J. Gärtner, and R. Wang, "Breaking a Fifth-Order Masked Implementation of CRYSTALS-Kyber by Copy-Paste", in Proceedings of the 10th ACM Asia Public-Key Cryptography Workshop, Melbourne, Australia, 2023, pp. 10-20, doi: 10.1145/3591866.3593072

 V. Engström, P. Johnson, R. Lagerström, E. Ringdahl, and M. Wällstedt, "Automated Security Assessments of Amazon Web Service Environments", ACM Transactions on Privacy and Security, 26(2), 1-31, doi: 10.1145/3570903

L. Fernandez and G. Karlsson, "Black-box Fuzzing for Security in Managed Networks: An Outline," in IEEE Networking Letters, doi: 10.1109/LNET.2023.3286443 .

J. Gärtner, "NTWE: A Natural Combination of NTRU and LWE". In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, vol 14154. Springer, Cham, doi: 10.1007/978-3-031-40003-2_12

J. Gärtner, "Concrete Security from Worst-Case to Average-Case Lattice Reductions". In: El Mrabet, N., De Feo, L., Duquesne, S. (eds) Progress in Cryptology - AFRICACRYPT 2023. AFRICACRYPT 2023. Lecture Notes in Computer Science, vol 14064. Springer, Cham, doi: 10.1007/978-3-031-37679-5_15

K. Hammar and R. Stadler, ”Scalable Learning of Intrusion Response Through Recursive Decomposition”. In: Fu, J., Kroupa, T., Hayel, Y. (eds) Decision and Game Theory for Security. GameSec 2023. Lecture Notes in Computer Science, vol 14167. Springer, Cham. https://doi.org/10.1007/978-3-031-50670-3_9

K. Hammar and R. Stadler, "Learning Near-Optimal Intrusion Responses Against Dynamic Attackers," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2023.3293413 .

K. Hammar and R. Stadler, "Digital Twins for Security Automation," NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Miami, FL, USA, 2023, pp. 1-6, doi: 10.1109/NOMS56928.2023.10154288.

 J. Nyberg and P. Johnson, "Learning Automated Defense Strategies Using Graph-Based Cyber Attack Simulations ," Workshop on Security Operation Center Operations and Construction (WOSOC) 2023, pp. 1-8, doi: 10.14722/wosoc.2023.23006

2022

M. Brisfors, M. Moriatis, and E. Dubrova, "Do not rely on clock randomization: A side-channel attack on a protected hardware implementation of AES," 15th International Symposium on Foundations & Practice of Security (FPS'2022), Ottawa, Canada.

V. Engström and R. Lagerström, "Two decades of cyberattack simulations: A systematic literature review," Computers & security, vol. 116, s. 102681-102681, doi: 10.1016/j.cose.2022.102681

U. Franke, A. Andreasson, H. Artman, J.Brynielsson, S. Varga, and N. Vilhelm, " Cyber situational awareness issues and challenges," in Cybersecurity and Cognitive Science, A. A. Moustafa, Ed. San Diego: Academic Press, 2022, pp. 235-265, doi: 10.1016/B978-0-323-90570-1.00015-2

K. Hammar and R. Stadler, "An Online Framework for Adapting Security Policies in Dynamic IT Environments," 2022 18th International Conference on Network and Service Management (CNSM), Thessaloniki, Greece, 2022, pp. 359-363, doi: 10.23919/CNSM55787.2022.9964838 .

K. Hammar and R. Stadler, "A System for Interactive Examination of Learned Security Policies," NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, 2022, pp. 1-3, doi: 10.1109/NOMS54207.2022.9789707

K. Hammar and R. Stadler, "Intrusion Prevention through Optimal Stopping," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2022.3176781

K. Hammar and R. Stadler. "Learning Security Strategies through Game Play and Optimal Stopping", ICML Ml4Cyber Workshop 2022: International Conference on Machine Learning, arXiv: 2205.14694 .

 J. Nyberg, P. Johnson, and A. Méhes, "Cyber threat response using reinforcement learning in graph-based attack simulations," NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, 2022, pp. 1-4, doi: 10.1109/NOMS54207.2022.9789835

K. Ngo, and E. Dubrova, "Side-Channel Analysis of the Random Number Generator in STM32 MCUs," Proceedings of the Great Lakes Symposium on VLSI 2022, doi: 10.1145/3526241.3530324

K. Ngo, R. Wang, E. Dubrova, and N. Paulsrud, "Side-channel attacks on lattice-based KEMs are not prevented byhigher-order masking," Cryptology ePrint Archive

R. Wang, K. Ngo, and E. Dubrova, "A message recovery attack on LWE/LWR-based PKE/KEMs using amplitude modulated EM emanations," 25th Annual International Conference on Information Security and Cryptology.

R. Wang, K. Ngo, and E. Dubrova, "Side-channel analysis of Saber KEM using amplitude-modulated EM emanations,"  Euromicro Conference on Digital Systems Design 2022.

R. Wang, K. Ngo, and E. Dubrova, "Making biased DL models work: Message and key recovery attacks on saber using amplitude-modulated EM emanations," Cryptology ePint Archive

2021

A. Andreasson, H. Artman, J. Brynielsson and U. Franke, “A census of Swedish public sector employee communication on cybersecurity during the COVID-19 pandemic,” 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2021, pp. 1-8, doi: 10.1109/CyberSA52016.2021.9478241

M. Birgersson, C. Artho and M. Musard, "Security-Aware Multi-User Architecture for IoT," 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS'21), 2021, urn: urn:nbn:se:kth:diva-305259

M. Grenfeldt, A. Olofsson, V. Engström and R. Lagerström, "Attacking Websites Using HTTP Request Smuggling: Empirical Testing of Servers and Proxies," 2021 IEEE 25th International Enterprise Distributed Object Computing Conference (EDOC), 2021, pp. 173-181, doi: 10.1109/EDOC52215.2021.00028 .

K. Hammar and R. Stadler, "Learning Intrusion Prevention Policies through Optimal Stopping," 2021 17th International Conference on Network and Service Management (CNSM), 2021, pp. 509-517, doi: 10.23919/CNSM52442.2021.9615542 .

K. Ngo, E. Dubrova, and T. Johansson, "Breaking masked and shuffled CCA secure Saber KEM by power analysis," in Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security 2021, doi: 10.1145/3474376.3487277

K. Ngo, E. Dubrova, Q. Guo, and T. Johansson, “A Side-Channel Attack on a Masked IND-CCA Secure Saber KEM Implementation”, IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021(4), 676–707. doi: 10.46586/tches.v2021.i4.676-707

2020

A. Andreasson, H. Artman, J. Brynielsson, and U. Franke, “A census of Swedish government administrative authority employee communications on cybersecurity during the COVID-19 pandemic,” in Proceedings of the 2020 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2020). IEEE, 2020, pp. 727-733, doi: doi.org/10.1109/ASONAM49781.2020.9381324

K. Hammar and R. Stadler, “Finding Effective Security Strategies through Reinforcement Learning and Self-Play,” 2020 16th International Conference on Network and Service Management (CNSM), Izmir, Turkey, 2020, pp. 1-9, doi: 10.23919/CNSM50824.2020.9269092