Publications
Some recent selected publications from the Software Systems Architecture and Security (SSAS) group.
Journal publications
M. Välja, F. Heiding, U. Franke, and R. Lagerström, " Automating threat modeling using an ontology framework : Validated with data from critical infrastructures," Cybersecurity, vol. 3, no. 19, 2020.
S. Hacks, S. Katsikeas, E. Ling, R. Lagerström, and M. Ekstedt, " powerLang : a probabilistic attack simulation language for the power domain ," Energy Informatics, vol. 3, no. 1, 2020.
A. Iqbal, F. Mahmood and M. Ekstedt, “ Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems. Energies ,” July 2019; 12(13):2598.
Wenjun Xiong and Robert Lagerström, “ Threat Modeling: A Systematic Literature Review ,” in Computers & Security, vol. 84, July 2019, pp. 53-69.
Robert Lagerström, Alan MacCormack, David Dreyfus, and Carliss Baldwin, “ A Methodology for Operationalizing Enterprise IT Architecture and Evaluating its Modifiability ,” in the International Journal of Complex Systems Informatics and Modeling Quarterly (CSIMQ), no. 19, June/July, pp- 75-98, 2019.
Pontus Johnson, Robert Lagerström, Mathias Ekstedt, and Ulrik Franke, ” Can the Common Vulnerability Scoring System be Trusted? A Bayesian Analysis ,” in Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 1002-1015, 2018.
Alexandre Vernotte, Margus Välja, Matus Korman, Gunnar Björkman, Mathias Ekstedt, and Robert Lagerström, “ Load Balancing of Renewable Energy: A Cyber Security Analysis ,” in Energy Informatics, vol. 1, no. 1, Springer Open, 2018.
Robert Lagerström, Pontus Johnson, Mathias Ekstedt, Ulrik Franke, and Khurram Shahzad, ” Analyzing System Architectures in the Multi-Attribute Prediction Language (MAPL): Iteratively Developed using Multiple Case Studies ,” in the International Journal of Complex Systems Informatics and Modeling Quarterly (CSIMQ), no. 11, June/July, pp- 38-68, 2017.
Johnson, Pontus, and Mathias Ekstedt. " The Tarpit–A general theory of software engineering. " Information and Software Technology 70 (2016): 181-203.
Pontus Johnson, Dan Gorton, Robert Lagerström, and Mathias Ekstedt, “ Time Between Vulnerability Disclosures: A Measure of Software Product Vulnerability ,” in Computers & Security, vol. 62, pp. 278-295, 2016.
H. Holm, K Shahzad, M. Buschle, M Ekstedt, " P2CySeMoL : Predictive, Probabilistic Cyber Security Modeling Language ," IEEE Transactions on Dependable and Secure Computing, vol. 12, no. 6, s. 626-639, 2015.
T. Sommestad, M. Ekstedt och H. Holm, " The Cyber Security Modeling Language : A Tool for Assessing the Vulnerability of Enterprise System Architectures ," IEEE Systems Journal, vol. 7, no. 3, s. 363-373, 2013.
H. Holm, M. Ekstedt och D. Andersson, " Empirical Analysis of System-Level Vulnerability Metrics through Actual Attacks ," IEEE Transactions on Dependable and Secure Computing, vol. 9, no. 6, s. 825-837, 2012.
P. Johnson, M. Ekstedt och I. Jacobson, " Where's the theory for software engineering? ," IEEE Software, vol. 29, no. 5, s. 94-95, 2012.
T. Sommestad, M. Ekstedt och P. Johnson, " A probabilistic relational model for security risk analysis ," Computers & security, vol. 29, no. 6, s. 659-679, 2010.
Conference publications
E. Ling, R. Lagerström och M. Ekstedt, "A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain," i Critical Information Infrastructures Security, CRITIS. 15th International Conference, CRITIS 2020, Bristol, UK, September 2–3, 2020, Proceedings, 2020, s. 47-58.
S. Katsikeas et al., "An Attack Simulation Language for the IT Domain," i Graphical Models for Security, 2020, s. 67-86.
N. Kakouros, P. Johnson och R. Lagerström, "Detecting plagiarism in penetration testing education," i Nordsec 2020, The 25th Nordic Conference on Secure IT Systems, November 23-24, Online, 2020.
S. Kavosi, S. Hacks och R. Lagerström, "Divergence Between Conceptual Business Process Management and its Practical Business Improvement Implementation : A Comparative Study," i IEEE 22nd Conference on Business Informatics (CBI) Workshops, 2020, s. 65-70.
F. Heiding et al., "Securing IoT Devices using Geographic and Continuous Login Blocking: A Honeypot Study," i Proceedings of the 6th International Conference on Information Systems Security and Privacy 2020, 2020, s. 424-431.
R. Lagerström, W. Xiong och M. Ekstedt, "Threat modeling and attack simulations of smart cities : A literature review and explorative study," i ICISSP 2020 - Proceedings of the 6th International Conference on Information Systems Security and Privacy, 2020, s. 369-376.
Simon Hacks, Alexander Hacks, Sotirios Katsikeas, Benedikt Klaer and Robert Lagerström, “Creating MAL Instances Using ArchiMate on the Example of Attacks on Power Plants and Power Grids,” in the proceedings of the Enterprise Computing Conference, IEEE EDOC, 2019.
Wenjun Xiong and Robert Lagerström, “Threat Modeling of Connected Vehicles: A privacy analysis and extension of vehicleLang,” in the Proc. of the IEEE Cyber Science conference, 2019.
Sotirios Katsikeas, Pontus Johnson, Simon Hacks, and Robert Lagerström, “Probabilistic Modeling and Simulation of Vehicular Cyber Attacks: An Application of the Meta Attack Language,” in the Proc. of the 5th International Conference on Information Systems Security and Privacy (ICISSP), 2019.
Wenjun Xiong, Fredrik Krantz, and Robert Lagerström, “Threat modeling and attack simulations of connected vehicles: a research outlook,” in the Proc. of the 5th International Conference on Information Systems Security and Privacy (ICISSP), 2019.
Xinyue Mao, Mathias Ekstedt, Engla Ling, Erik Ringdahl, and Robert Lagerström, “Conceptual Abstraction of Attack Graphs : a Use Case of securiCAD,” in the Proc. of the the Sixth International Workshop on Graphical Models for Security (GraMSec), 2019.
Wenjun Xiong, Per Carlsson and Robert Lagerström, “Re-using Enterprise Architecture Repositories for Agile Threat Modeling: A Case Study employing the Hidden Structure Method,” in the proceedings of the 10th Workshop on Service oriented Enterprise Architecture for Enterprise Engineering (SoEA4EE), in conjunction with the IEEE EDOC conference, 2019.
Open-access computer programs
Pontus Johnson, Mathias Ekstedt, and Robert Lagerström, ” The Meta Attack Language (MAL) .” Including MAL based languages such as coreLang, vehicleLang, cloudLang, enterpriseLang, powerLang.
Pontus Johnson, Robert Lagerström, and Mathias Ekstedt, “ A Meta Language for Threat Modeling and Attack Simulations ,” in Proc. of the International Conference on Availability, Reliability and Security (ARES 2018) and the joint International Workshop on Cyber Threat Intelligence (WCTI 2018), 2018.
Vulnerabilities
CVE-2020-13119
- ismartgate PRO 1.5.9 is vulnerable to clickjacking. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12843
- ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading sounds to garage doors. The magic bytes for WAV must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12842
- ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkUserExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12841
- ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload imae files via /index.php Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12840
- ismartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to upload sound files via /index.php Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12839
- ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/checkExpirationDate.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12838
- ismartgate PRO 1.5.9 is vulnerable to privilege escalation by appending PHP code to /cron/mailAdmin.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12837
- ismartgate PRO 1.5.9 is vulnerable to malicious file uploads via the form for uploading images to garage doors. The magic bytes of PNG must be used. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12282
- iSmartgate PRO 1.5.9 is vulnerable to CSRF via the busca parameter in the form used for searching for users, accessible via /index.php. (This can be combined with reflected XSS.) Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12281
- iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to create a new user via /index.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-12280
- iSmartgate PRO 1.5.9 is vulnerable to CSRF that allows remote attackers to open/close a specified garage door/gate via /isg/opendoor.php. Student: Madeleine Berner, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2020-15781 - XSS in Siemens SICAM A8000 RTUs. Student: Emma Good, Supervisor: Pontus Johnson, Examiner: Mathias Ekstedt
CVE-2019-12941 - AutoPi Wi-Fi/NB and 4G/LTE devices allows an attacker to perform a brute-force attack or dictionary attack to gain access to the WiFi network, which provides root access to the device. Students: Aldin Burdzovic and Jonathan Matsson, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12944 - Glue Smart Lock 2.7.8 devices do not properly block guest access in certain situations where the network connection is unavailable. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12943 - Insecure permission, password reset function, in TTLock Open Platform. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12942 - Insecure permission, account revocation mechanism, in TTLock Open Platform. Student: Arvid Viderberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12821 - Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, while adding a device to the account using a QR-code. Students: Theodor Olsson and Albin Larsson Forsberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12820 - Vulnerability in the app 2.0 of the Shenzhen Jisiwei i3 robot vacuum cleaner, possible MiTM attack on http. Students: Theodor Olsson and Albin Larsson Forsberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2019-12797 - Vulnerability in a clone version of an ELM327 OBD2 Bluetooth device, hardcoded PIN leading to arbitrary commands to an OBD-II bus of a vehicle. Students: Ludvig Christensen and Daniel Dannberg, Supervisor: Pontus Johnson, Examiner: Robert Lagerström.
CVE-2018-3786 - A command injection vulnerability in egg-scripts <v2.8.1 allows arbitrary shell command execution through a maliciously crafted command line argument. Pontus Johnson