Is this your profile?
Claim your Citation Index profile in order to display more information about you and gain access to Libraries services. Just create or connect your ORCID iD.
Create or connect your ORCID iD
Works (17)
Updated: April 5th, 2024 10:24
2023 article
Finding Fixed Vulnerabilities with Off-the-Shelf Static Analysis
2023 IEEE 8TH EUROPEAN SYMPOSIUM ON SECURITY AND PRIVACY, EUROS&P, pp. 489–505.
Event: IEEE Computer Society
TL;DR:
Differential Alert Analysis is introduced to discover vulnerability fixes in software projects and provides a powerful, accurate primitive for software projects, code analysis tools, vulnerability databases, and researchers to characterize and enhance the security of software supply chains.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: September 11, 2023
2023 article
SecretBench: A Dataset of Software Secrets
2023 IEEE/ACM 20TH INTERNATIONAL CONFERENCE ON MINING SOFTWARE REPOSITORIES, MSR, pp. 347–351.
TL;DR:
The goal of this paper is to aid researchers and tool developers in evaluating and improving secret detection tools by curating a benchmark dataset of secrets through a systematic collection of secrets from open-source repositories.
(via Semantic Scholar)
arxiv.org (repository)
UN Sustainable Development Goal Categories
3. Good Health and Well-being
(Web of Science)
Source: Web Of Science
Added: September 5, 2023
2023 article
Towards Simultaneous Attacks on Multiple Cellular Networks
2023 IEEE SECURITY AND PRIVACY WORKSHOPS, SPW, pp. 394–405.
author keywords: Cellular Networks; Cellular Network Attacks
TL;DR:
A preliminary analysis of the feasibility of using a single software defined radio to surveil multiple networks simultaneously is presented, demonstrating that radio tuning time is quite low, radio clocks are sufficiently stable to skip synchronization when retuning, and that even when monitoring multiple cells a radio can quite accurately count the devices served by all cells under observation.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
11. Sustainable Cities and Communities
(Web of Science)
Source: Web Of Science
Added: August 28, 2023
2023 article
What Challenges Do Developers Face About Checked-in Secrets in Software Artifacts?
2023 IEEE/ACM 45TH INTERNATIONAL CONFERENCE ON SOFTWARE ENGINEERING, ICSE, pp. 1635–1647.
TL;DR:
The findings indicate that the same solution has been mentioned to mitigate multiple challenges, and an increasing trend in questions lacking accepted solutions substantiating the need for future research and tool automation on managing secrets.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
3. Good Health and Well-being
(Web of Science)
Source: Web Of Science
Added: September 5, 2023
2022 article
What are the Practices for Secret Management in Software Artifacts?
2022 IEEE SECURE DEVELOPMENT CONFERENCE (SECDEV 2022), pp. 69–76.
author keywords: secret management; practices; empirical study; grey literature; secure development
TL;DR:
The goal of this paper is to aid practitioners in avoiding the exposure of secrets by identifying secret management practices in software artifacts through a systematic derivation of practices disseminated in Internet artifacts.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
3. Good Health and Well-being
(Web of Science)
Source: Web Of Science
Added: February 20, 2023
2021 article
Characterizing the Security of Endogenous and Exogenous Desktop Application Network Flows
PASSIVE AND ACTIVE MEASUREMENT, PAM 2021, Vol. 12671, pp. 531–546.
Source: Web Of Science
Added: May 10, 2022
2019 article
Blinded and Confused: Uncovering Systemic Flaws in Device Telemetry for Smart-Home Internet of Things
PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 140–150.
Event: ACM
TL;DR:
This paper seeks to better understand smart home device security by studying the vendor design decisions surrounding IoT telemetry messaging protocols, specifically, the behaviors taken when an IoT device loses connectivity, and finds that 22 of 24 studied devices suffer from critical design flaws.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 19, 2019
2019 journal article
Characterizing the Security of the SMS Ecosystem with Public Gateways
ACM TRANSACTIONS ON PRIVACY AND SECURITY, 22(1).
author keywords: Multifactor authentication; SMS; SMS abuse; SMS spam
Source: Web Of Science
Added: February 18, 2019
2019 article
HOMESNITCH: Behavior Transparency and Control for Smart Home IoT Devices
PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 128–139.
Event: ACM
TL;DR:
HomeSnitch is presented, a building block for enhancing smart home transparency and control by classifying IoT device communication by semantic behavior (e.g., heartbeat, firmware check, motion detection) and the utility of network-level services to classify behaviors of and enforce control on smart home devices.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 19, 2019
2019 article
Hestia: Simple Least Privilege Network Policies for Smart Homes
PROCEEDINGS OF THE 2019 CONFERENCE ON SECURITY AND PRIVACY IN WIRELESS AND MOBILE NETWORKS (WISEC '19), pp. 215–220.
Event: ACM
author keywords: IoT & network security; smart home; least privilege policy
TL;DR:
Hestia drastically improves smart home security without complex, unwieldy policies or lengthy learning of device behaviors, and perhaps more importantly, smart home owners need only specify which devices are controllers.
(via Semantic Scholar)
Sources: Web Of Science, NC State University Libraries, ORCID
Added: August 19, 2019
2019 article
Thou Shalt Discuss Security: Quantifying the Impacts of Instructions to RFC Authors
PROCEEDINGS OF THE 5TH ACM WORKSHOP ON SECURITY STANDARDISATION RESEARCH WORKSHOP (SSR '19), pp. 57–68.
author keywords: Requests for Comments; Internet Standards; Network Security; Text Analysis
Sources: Web Of Science, NC State University Libraries, ORCID
Added: September 14, 2020
2018 article
A Large Scale Investigation of Obfuscation Use in Google Play
34TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE (ACSAC 2018), pp. 222–235.
author keywords: Obfuscation; Android; User Study
TL;DR:
This first comprehensive analysis of the use of and challenges to software obfuscation in Android applications finds that only 24.92% of apps are obfuscated by the developer, with broad implications both for improving the security of Android apps and for all tools that aim to help developers write more secure software.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
16. Peace, Justice and Strong Institutions
(OpenAlex)
Source: Web Of Science
Added: January 28, 2019
2017 conference paper
Authenticall: Efficient identity and content authentication for phone calls
Proceedings of the 26th Usenix Security Symposium (USENIX Security '17), 575–592.
Source: NC State University Libraries
Added: August 6, 2018
2017 article
FinTechSec: Addressing the Security Challenges of Digital Financial Services
IEEE SECURITY & PRIVACY, Vol. 15, pp. 85–89.
TL;DR:
The challenges facing these truly transformative technologies and how this community can help are looked into.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
10. Reduced Inequalities
(OpenAlex)
Source: Web Of Science
Added: August 6, 2018
2012 journal article
An open virtual testbed for industrial control system security research
International Journal of Information Security, 11(4), 215–229.
author keywords: Virtual testbed; Industrial control system; SCADA; Cybersecurity
TL;DR:
A virtual testbed framework using Python to create discrete testbed components including virtual devices and process simulators is described, designed such that the testbeds are inter-operable with real industrial control system devices and such that they can provide comparableindustrial control system network behavior to a laboratory testbed.
(via Semantic Scholar)
Source: Crossref
Added: June 6, 2020
2012 journal article
Analysis and mitigation of vulnerabilities in short-range wireless communications for industrial control systems
International Journal of Critical Infrastructure Protection, 5(3-4), 154–174.
author keywords: Industrial control systems; Wireless communications; Vulnerabilities; Mitigation
TL;DR:
Vulnerabilities and mitigations related to multiple industrial radio technologies deployed in control systems including IEEE 802.15.4, WirelessHART, ZigBee, Bluetooth, and IEEE802.11.4 are focused on.
(via Semantic Scholar)
Source: Crossref
Added: June 6, 2020
2011 journal article
A control system testbed to validate critical infrastructure protection concepts
International Journal of Critical Infrastructure Protection, 4(2), 88–103.
author keywords: Testbed; Industrial control system; SCADA; Smart grid; Cybersecurity
TL;DR:
The testbed enables a research process in which cybersecurity vulnerabilities are discovered, exploits are used to understand the implications of the vulnerability on controlled physical processes, identified problems are classified by criticality and similarities in type and effect, and finally cybersecurity mitigations are developed and validated against within the testbed.
(via Semantic Scholar)
UN Sustainable Development Goal Categories
9. Industry, Innovation and Infrastructure
(OpenAlex)
Source: Crossref
Added: June 6, 2020
Citation Index includes data from a number of different sources. If you have questions about the sources of data in the Citation Index or need a set of data which is free to re-distribute, please contact us.
Certain data included herein are derived from the Web of Science© and InCites© (2024) of Clarivate Analytics. All rights reserved. You may not copy or re-distribute this material in whole or in part without the prior written consent of Clarivate Analytics.
