liu.seSearch for publications in DiVA
Change search
Refine search result
1 - 16 of 16
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Rows per page
  • 5
  • 10
  • 20
  • 50
  • 100
  • 250
Sort
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
  • Standard (Relevance)
  • Author A-Ö
  • Author Ö-A
  • Title A-Ö
  • Title Ö-A
  • Publication type A-Ö
  • Publication type Ö-A
  • Issued (Oldest first)
  • Issued (Newest first)
  • Created (Oldest first)
  • Created (Newest first)
  • Last updated (Oldest first)
  • Last updated (Newest first)
  • Disputation date (earliest first)
  • Disputation date (latest first)
Select
The maximal number of hits you can export is 250. When you want to export more records please use the Create feeds function.
  • 1.
    Ardi, Shanai
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Byers, David
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Meland, Per Håkon
    SINTEF ICT, Trondheim, Norway.
    Tøndel, Inger Anne
    SINTEF ICT, Trondheim, Norway.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    How can the developer benefit from security modeling?2007In: Second International Conference on Availability, Reliability and Security, 2007, IEEE Computer Society, 2007, p. 1017-1025Conference paper (Refereed)
    Abstract [en]

    Security has become a necessary part of nearly every software development project, as the overall risk from malicious users is constantly increasing, due to increased consequences of failure, security threats and exposure to threats. There are few projects today where software security can be ignored. Despite this, security is still rarely taken into account throughout the entire software lifecycle; security is often an afterthought, bolted on late in development, with little thought to what threats and exposures exist. Little thought is given to maintaining security in the face of evolving threats and exposures. Software developers are usually not security experts. However, there are methods and tools available today that can help developers build more secure software. Security modeling, modeling of e.g., threats and vulnerabilities, is one such method that, when integrated in the software development process, can help developers prevent security problems in software. We discuss these issues, and present how modeling tools, vulnerability repositories and development tools can be connected to provide support for secure software development

  • 2.
    Ardi, Shanai
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Byers, David
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Towards a Structured Unified Process for Software Security2006In: ICSE Workshop on Software Engineering for Secure Systems,2006, ACM , 2006, p. 3-10Conference paper (Refereed)
  • 3.
    Byers, David
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Improving Software Security by Preventing Known Vulnerabilities2013Doctoral thesis, monograph (Other academic)
    Abstract [en]

    From originally being of little concern, security has become a crucial quality factor in modern software. The risk associated with software insecurity has increased dramatically with increased reliance on software and a growing number of threat agents. Nevertheless, developers still struggle with security. It is often an afterthought, bolted on late in development or even during deployment. Consequently the same kinds of vulnerabilities appear over and over again.

    Building security in to software from its inception and constantly adapting processes and technology to changing threats and understanding of security can significantly contribute to establishing and sustaining a high level of security.

    This thesis presents the sustainable software security process, the S3P, an approach to software process improvement for software security that focuses on preventing known vulnerabilities by addressing their underlying causes, and sustaining a high level of security by adapting the process to new vulnerabilities as they become known. The S3P is designed to overcome many of the known obstacles to software process improvement. In particular, it ensures that existing knowledge can be used to its full potential and that the process can be adapted to nearly any environment and used in conjunction with other other software security processes and security assurance models.

    The S3P is a three-step process based on semi-formal modeling of vulnerabilities, ideally supported by collaborative tools. Such proof-of-concept tools were developed for all parts of the process as part of the SHIELDS project.

    The first two steps of the S3P consist in determining the potential causes of known vulberabilities at all stages of software development, then identifying measures that would prevent each individual cause. These steps are performed using visual modeling languages with well-defined semantics and a modeling workflow. With tool support, modeling effort can be progressively reduced through collaboration and use of pre-existing models.

    Next, the costs of all potential measures are estimated using any suitable method. This thesis uses pairwise comparisons in order to support qualitative judgements. The models and costs yield a boolan optimization problem that is solved using a search-based heuristic, to identify the best set of measures to prevent selected vulnerabilities.

    Empirical evaluation of the various steps of the process has verified a number of key aspects: the modeling process is easy to learn and apply, and the method is perceived by developers as providing value and improving security. Early evaluation results were also used to refine certain aspects of the S3P.

    The modeling languages that were introduced in the S3P have since been enhanced to support other applications. This thesis presents security goal models (SGMs), a language that subsumes several security-related modeling languages to unify modeling of threats, attacks, vulnerabilities, activities, and security goals. SGMs have formal semantics and are sufficiently expressive to  support applications as diverse as automatic run-time testing, static analysis, and code inspection. Proofof-concept implementations of these applications were developed as part of the SHIELDS project.

    Finally, the thesis discusses how individual components of the S3P can be used in situations where the full process is inappropriate.

  • 4.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Ardi, Shanai
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Duma, Claudiu
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Modeling Software Vulnerabilities with Vulnerability Cause Graphs2006In: International Conference on Software Maintenance,2006, IEEE , 2006, p. 411-422Conference paper (Refereed)
  • 5.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    A Cause-Based Approach to Preventing Software Vulnerabilities2008In: Third International Conference on Availability, Reliability and Security, 2008, IEEE Computer Society, 2008, p. 276-283Conference paper (Refereed)
    Abstract [en]

    Security is often an afterthought in software development, sometimes even bolted on during deployment or in maintenance through add-on security software and penetrate-and-patch maintenance. We think that security needs to be an integral part of software development and that preventing vulnerabilities by addressing their causes is as important as detecting and fixing them. In this paper we present a method for determining how to prevent vulnerabilities from being introduced during software development. Our method allows developers to select the set of activities that suits them best while being assured that those activities will prevent vulnerabilities. Our method is based on formal modeling of vulnerability causes and is independent of the software development process being used.

  • 6.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    A systematic evaluation of disk imaging in EnCase® 6.8 and LinEn 6.12009In: Digital Investigation, ISSN 1742-2876, Vol. 6, no 1-2, p. 61-70Article in journal (Refereed)
    Abstract [en]

    Tools for disk imaging (or more generally speaking, digital acquisition) are a foundation for forensic examination of digital evidence. Therefore it is crucial that such tools work as expected. The only way to determine whether this is the case or not is through systematic testing of each tool. In this paper we present such an evaluation of the disk imaging functions of EnCase 6.8® and LinEn 6.1, conducted on behalf of the Swedish National Laboratory of Forensic Science. Although both tools performed as expected under most circumstances, we identified cases where flaws that can lead to inaccurate and incomplete acquisition results in LinEn 6.1 were exposed. We have also identified limitations in the tool that were not evident from its documentation. In addition summarizing the test results, we present our testing methodology, which has novel elements that we think can benefit other evaluation projects.

  • 7.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Contagious errors: Understanding and avoiding issues with imaging drives containing faulty sectors2008In: Digital Investigation. The International Journal of Digital Forensics and Incident Response, ISSN 1742-2876, E-ISSN 1873-202X, Vol. 5, no 1, p. 29-33Article in journal (Refereed)
    Abstract [en]

    When using certain tools to image drives that contain faulty sectors, the tool may fail to acquire a run of sectors even though only one of the sectors is really faulty. This phenomenon, which we have dubbed "contagious errors was reported by James Lyle and Mark Wozar in a recent paper presented at DFRWS 2007 [Lyle, J., Wozar, M. Issues with imaging drives containing faulty sectors. Digital Investigation 2007; 4S: S13-5.]. Their results agree with our own experience from testing disk imaging software as part of our work for the Swedish National Laboratory of Forensic Science. We have explored the issue further, in order to determine the cause of contagious errors and to find ways around the issue. In this paper we present our analysis of the cause of contagious errors as well as several ways practitioners can avoid the problem. In addition we present our insights into the problem of consistently faulty drives in forensic tool testing.

  • 8.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Design of a Process for Software Security2007In: Second International Conference on Availability, Reliability and Security, 2007, IEEE Computer Society, 2007, p. 301-309Conference paper (Refereed)
    Abstract [en]

    Security is often an afterthought when developing software, and is often bolted on late in development or even during deployment or maintenance, through activities such as penetration testing, add-on security software and penetrate-and-patch maintenance. We believe that security needs to be built in to the software from the beginning, and that security activities need to take place throughout the software lifecycle. Accomplishing this effectively and efficiently requires structured approach combining a detailed understanding on what causes vulnerabilities, and how to prevent them. In this paper we present a process for software security that is based on vulnerability cause graphs, a formalism we have developed for modeling the causes of software vulnerabilities. The purpose of the software security process is to evolve the software development process so that vulnerabilities are prevented. The process we present differs from most current approaches to software security in its high degree of adaptability and in its ability to evolve in step with changing threats and risks. This paper focuses on how to apply the process and the criteria that have influenced the process design

  • 9.
    Byers, David
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Graphical Modeling of Security Goals and Software Vulnerabilities2015In: Handbook of Research on Innovations in Systems and Software Engineering / [ed] Vicente García Díaz, Juan Manuel Cueva Lovelle, B. Cristina Pelayo García-Bustelo, IGI Global, 2015, p. 1-31Chapter in book (Refereed)
    Abstract [en]

    Security has become recognized as a critical aspect of software development, leading to the development of various security-enhancing techniques, many of which use some kind of custom modeling language. Models in different languages cannot readily be related to each other, which is an obstacle to using several techniques together. The sheer number of languages is, in itself, also an obstacle to adoption by developers. The authors have developed a modeling language that can be used in place of four existing modeling languages: attack trees, vulnerability cause graphs, security activity graphs, and security goal indicator trees. Models in the new language can be transformed to and from the earlier language, and a precise definition of model semantics enables an even wider range of applications, such as testing and static analysis. This chapter explores this new language.

  • 10.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Modeling Security Goals and Software Vulnerabilities2011In: Dependability and Computer Engineering: Concepts for Software-Intensive Systems / [ed] Luigia Petre, Kaisa Sere, Elena Troubitsyna, IGI Global, 2011, p. 171-198Chapter in book (Other academic)
    Abstract [en]

    Security is becoming recognized as an important aspect of software development, leading to the development of various security-enhancing techniques, many of which use some kind of custom modeling language. Models in different languages cannot readily be related to each other, which is an obstacle to using several techniques together. The sheer number of languages is, in itself, also an obstacle to adoption by developers.

    We have developed a modeling language that can be used in place of four existing modeling languages: attack trees, vulnerability cause graphs, security activity graphs, and security goal indicator trees. Our language is more precise than earlier languages, which allows models to be used in automated applications such as testing and static analysis. Models in the new language can be transformed to and from earlier languages. We also present a data model that allows users to relate different kinds of models and model elements to each other and to core security knowledge.

  • 11.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Prioritisation and Selection of Software Security Activities2009In: International Conference on Availability, Reliability and Security, 2009, IEEE , 2009, p. 201-207Conference paper (Refereed)
    Abstract [en]

    Software security is accomplished by introducing security-related activities into the software development process or by altering existing activities so that security is taken into account. Since the importance of software security has only relatively recently received the recognition it deserves, security is not ingrained into the development processes in common use today. A variety of approaches to software security have been proposed, but they rarely support developers in determining which security activities are appropriate for them and which they should choose to implement. An exception to this rule is the Sustainable Software Security Process (S3P). This paper describes the final step of the S3P, which helps developers estimate the cost of security-related activities and select the combination of security activities that best suits their needs. This is accomplished by applying the Analytic Hierarchy Process and an automated search heuristic, scatter search, to the models created as part of the S3P.  

  • 12.
    Byers, David
    et al.
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Unified modeling of attacks, vulnerabilities and security activities2010In: Proceedings of the 2010 ICSE Workshop on Software Engineering for Secure Systems, New York, USA: ACM , 2010, p. 36-42Conference paper (Refereed)
    Abstract [en]

    Security is becoming recognized as an important aspect of software development, leading to the development of many different security-enhancing techniques, many of which use some kind of custom modeling language. Models in these different languages cannot readily be related to each other, which is an obstacle to using several techniques together. The sheer number of languages is, in itself, also an obstacle to adoption by developers.

    In this paper we present a modeling language that can be used in place of four existing modeling languages: attacktrees, vulnerability cause graphs, security activity graphs, and security goal indicator trees. Models in our language can be more precise than earlier models, which allows them to be used in automated applications, such as automatic testing and static analysis. Models in the new language can be derived automatically from models in the existing languages, and can be viewed using existing notation.

    Our modeling language exploits a data model, also presented in this paper, that permits rich interconnections between various items of security knowledge. In this data model it is straightforward to relate different kinds of models, and thereby different software security techniques, to each other.

  • 13.
    Shahmehri, Nahid
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Byers, David
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Hiran, Rahul
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    TRAP: Open Decentralized Distributed Spam Filtering2011In: Trust, Privacy and Security in Digital Business / [ed] Furnell, Steven; Lambrinoudakis, Costas; Pernul, Günther, Berlin / Heidelberg: Springer , 2011, p. 86-97Chapter in book (Refereed)
    Abstract [en]

    Spam is a significant problem in the day-to-day operations of large networks and information systems, as well as a common conduit for malicious software. The problem of detecting and eliminating spam remains of great interest, both commercially and in a research context. In this paper we present TRAP, a reputation-based open, decentralized and distributed system to aid in detecting unwanted e-mail. In TRAP, all participants are equal, all participants can see how the system works, and there is no reliance on any member or subset of members. This paper outlines the TRAP system itself and shows, through simulation, that the fundamental component of TRAP, a distributed low-overhead trust management system, is efficient and robust under the normal conditions present on the Internet.

  • 14.
    Shahmehri, Nahid
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Mammar, Amel
    Télécom Sud, Paris, France.
    Montes De Oca, Edgardo
    Montimage Company, Paris, France.
    Byers, David
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Cavalli, Ana
    Télécom Sud, Paris, France.
    Ardi, Shanai
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Jimenez, Willy
    Télécom Sud, Paris, France.
    An advanced approach for modeling and detecting software vulnerabilities2012In: Information and Software Technology, ISSN 0950-5849, E-ISSN 1873-6025, Vol. 54, no 9, p. 997-1013Article in journal (Refereed)
    Abstract [en]

    Context: Passive testing is a technique in which traces collected from the execution of a system under testare examined for evidence of flaws in the system.

    Objective: In this paper we present a method for detecting the presence of security vulnerabilities bydetecting evidence of their causes in execution traces. This is a new approach to security vulnerabilitydetection.

    Method: Our method uses formal models of vulnerability causes, known as security goal models and vulnerabilitydetection conditions (VDCs). The former are used to identify the causes of vulnerabilities andmodel their dependencies, and the latter to give a formal interpretation that is suitable for vulnerabilitydetection using passive testing techniques. We have implemented modeling tools for security goal modelsand vulnerability detection conditions, as well as TestInv-Code, a tool that checks execution traces ofcompiled programs for evidence of VDCs.

    Results: We present the full definitions of security goal models and vulnerability detection conditions, aswell as structured methods for creating both. We describe the design and implementation of TestInv-Code. Finally we show results obtained from running TestInv-Code to detect typical vulnerabilities in severalopen source projects. By testing versions with known vulnerabilities, we can quantify the effectivenessof the approach.

    Conclusion: Although the current implementation has some limitations, passive testing for vulnerabilitydetection works well, and using models as the basis for testing ensures that users of the testing tool caneasily extend it to handle new vulnerabilities.

  • 15.
    Tjärnström, Fredrik
    et al.
    Linköping University, Department of Electrical Engineering, Automatic Control. Linköping University, The Institute of Technology.
    Duppils, Mattias
    Linköping University, Department of Electrical Engineering, Electronic Devices. Linköping University, The Institute of Technology.
    Haslum, Patrik
    Linköping University, Department of Computer and Information Science. Linköping University, The Institute of Technology.
    Byers, David
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Kulups, Gundars
    Linköping University, Department of Electrical Engineering, Automatic Control. Linköping University, The Institute of Technology.
    Lawesson, Dan
    Linköping University, Department of Electrical Engineering, Automatic Control. Linköping University, The Institute of Technology.
    ENSYM-Project Oriented Studies of spring 98 - team 11999Report (Other academic)
    Abstract [en]

    The report is description of the ENSYM Project Oriented Studies(POS) of spring 1998. The project goal was to control a toy cararound a not beforehand given track as fast as possible.

  • 16.
    Vapen, Anna
    et al.
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    Byers, David
    Linköping University, The Institute of Technology. Linköping University, Department of Computer and Information Science, Database and information techniques.
    Shahmehri, Nahid
    Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, The Institute of Technology.
    2-clickAuth - Optical Challenge-Response Authentication2010In: International Conference on Availability, Reliability, and Security, 2010. ARES '10, IEEE COMPUTER SOC, 10662 LOS VAQUEROS CIRCLE, PO BOX 3014, LOS ALAMITOS, CA 90720-1264 USA , 2010, p. 79-86Conference paper (Refereed)
    Abstract [en]

    Internet users today often have usernames and passwords at multiple web sites. To simplify things, many sites support some form of federated identity management, such as OpenID, that enables users to have a single account that allows them to log on to many different sites by authenticating to a single identity provider. Most identity providers perform authentication using a username and password. Should these credentials be compromised, e. g. captured by a key logger or malware on an untrusted computer, all the users accounts become compromised. Therefore a more secure authentication method is desirable. We have implemented 2-clickAuth, an optical challenge-response solution where a web camera and a camera phone are used for authentication. Two-dimensional barcodes are used for the communication between phone and computer, which allows 2-clickAuth to transfer relatively large amounts of data in a short period of time. 2-clickAuth is considerably more secure than passwords while still being easy to use and easy to distribute to users. This makes 2-clickAuth a viable alternative to passwords in systems where enhanced security is desired, but availability, ease-of-use, and cost cannot be compromised. We have implemented an identity provider in the OpenID federated identity management system that uses 2clickAuth for authentication, making 2-clickAuth available to all users of sites that support OpenID, including Facebook, Sourceforge and MySpace.

1 - 16 of 16
CiteExportLink to result list
Permanent link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf