Search Results - "Ekstedt, Mathias"
-
1
Security Countermeasures Selection Using the Meta Attack Language and Probabilistic Attack Graphs
Published in IEEE access (2022)“…Connecting critical infrastructure assets to the network is absolutely essential for modern industries. In contrast to the apparent advantages, network…”
Get full text
Journal Article -
2
Digital Forensic Analysis of Industrial Control Systems Using Sandboxing: A Case of WAMPAC Applications in the Power Systems
Published in Energies (Basel) (2019)“…In today’s connected world, there is a tendency of connectivity even in the sectors which conventionally have been not so connected in the past, such as power…”
Get full text
Journal Article -
3
powerLang: a probabilistic attack simulation language for the power domain
Published in Energy Informatics (01-12-2020)“…Cyber-attacks on power-related IT and OT infrastructures can have disastrous consequences for individuals, regions, as well as whole nations. In order to…”
Get full text
Journal Article -
4
Empirical Analysis of System-Level Vulnerability Metrics through Actual Attacks
Published in IEEE transactions on dependable and secure computing (01-11-2012)“…The Common Vulnerability Scoring System (CVSS) is a widely used and well-established standard for classifying the severity of security vulnerabilities. For…”
Get full text
Journal Article -
5
Load balancing of renewable energy: a cyber security analysis
Published in Energy Informatics (26-07-2018)“…Background In the coming years, the increase of automation in electricity distribution grids, controlled by ICT, will bring major consequences to the cyber…”
Get full text
Journal Article -
6
Investigating personal determinants of phishing and the effect of national culture
Published in Information and computer security (01-01-2015)“…Purpose – The purpose of the study was twofold: to investigate the correlation between a sample of personal psychological and demographic factors and…”
Get full text
Journal Article -
7
Success Rate of Remote Code Execution Attacks: Expert Assessments and Observations
Published in Journal of universal computer science (Online) (2012)“…This paper describes a study on how cyber security experts assess the importance of three variables related to the probability of successful remote code…”
Get full text
Journal Article -
8
Modeling Enterprise Authorization: A Unified Metamodel and Initial Validation
Published in Complex systems informatics and modeling quarterly (29-07-2016)“…Authorization and its enforcement, access control, have stood at the beginning of the art and science of information security, and remain being crucial pillar…”
Get full text
Journal Article -
9
Overview of Enterprise Information Needs in Information Security Risk Assessment
Published in 2014 IEEE 18th International Enterprise Distributed Object Computing Conference (01-09-2014)“…Methods for risk assessment in information security suggest users to collect and consider sets of input information, often notably different, both in type and…”
Get full text
Conference Proceeding -
10
Automated Probabilistic System Architecture Analysis in the Multi-Attribute Prediction Language (MAPL): Iteratively Developed using Multiple Case Studies
Published in Complex systems informatics and modeling quarterly (2017)“…The Multi-Attribute Prediction Language (MAPL), an analysis metamodel for non-functional qualities of system architectures, is introduced. MAPL features…”
Get full text
Journal Article -
11
An Empirical Investigation of the Effect of Target-Related Information in Phishing Attacks
Published in 2014 IEEE 18th International Enterprise Distributed Object Computing Conference Workshops and Demonstrations (01-01-2014)“…Analyzing the role of target-related information in a security attack is an understudied topic in the behavioral information security research field. This…”
Get full text
Conference Proceeding -
12
The Tarpit – A general theory of software engineering
Published in Information and software technology (01-02-2016)“…Recent years have seen an increasing interest in general theories of software engineering. As in other academic fields, these theories aim to explain and…”
Get full text
Journal Article -
13
The Cyber Security Modeling Language: A Tool for Assessing the Vulnerability of Enterprise System Architectures
Published in IEEE systems journal (01-09-2013)“…The cyber security modeling language (CySeMoL) is a modeling language for enterprise-level system architectures coupled to a probabilistic inference engine. If…”
Get full text
Journal Article -
14
Can the Common Vulnerability Scoring System be Trusted? A Bayesian Analysis
Published in IEEE transactions on dependable and secure computing (01-11-2018)“…The Common Vulnerability Scoring System (CVSS) is the state-of-the art system for assessing software vulnerabilities. However, it has been criticized for lack…”
Get full text
Journal Article -
15
Shaping intention to resist social engineering through transformational leadership, information security culture and awareness
Published in Computers & security (01-06-2016)“…This paper empirically investigates how organizational and individual factors complement each other in shaping employees' intention to resist social…”
Get full text
Journal Article -
16
Research communities in cyber security: A comprehensive literature review
Published in Computer science review (01-11-2021)“…In order to provide a coherent overview of cyber security research, the Scopus academic abstract and citation database was mined to create a citation graph of…”
Get full text
Journal Article -
17
Time between vulnerability disclosures: A measure of software product vulnerability
Published in Computers & security (01-09-2016)“…Time between vulnerability disclosure (TBVD) for individual analysts is proposed as a meaningful measure of the likelihood of finding a zero-day vulnerability…”
Get full text
Journal Article -
18
Development and validation of coreLang: A threat modeling language for the ICT domain
Published in Computers & security (01-11-2024)“…ICT infrastructures are getting increasingly complex, and defending them against cyber attacks is cumbersome. As cyber threats continue to increase and expert…”
Get full text
Journal Article -
19
A probabilistic relational model for security risk analysis
Published in Computers & security (01-09-2010)“…Information system security risk, defined as the product of the monetary losses associated with security incidents and the probability that they occur, is a…”
Get full text
Journal Article -
20
Empirical evaluation of a threat modeling language as a cybersecurity assessment tool
Published in Computers & security (01-05-2024)“…The complexity of ICT infrastructures is continuously increasing, presenting a formidable challenge in safeguarding them against cyber attacks. In light of…”
Get full text
Journal Article