Search for: All records

The rampant occurrence of cybersecurity breaches imposes substantial limitations on the progress of network infras- tructures, leading to compromised data, financial losses, potential harm to individuals, and disruptions in essential services. The current security landscape demands the urgent development of a holistic security assessment solution that encompasses vul- nerability analysis and investigates the potential exploitation of these vulnerabilities as attack paths. In this paper, we propose GRAPHENE, an advanced system designed to provide a detailed analysis of the security posture of computing infrastructures. Using user-provided information, such as device details and software versions, GRAPHENE performs a comprehensive secu- rity assessment. This assessment includes identifying associated vulnerabilities and constructing potential attack graphs that adversaries can exploit. Furthermore, it evaluates the exploitabil- ity of these attack paths and quantifies the overall security posture through a scoring mechanism. The system takes a holistic approach by analyzing security layers encompassing hardware, system, network, and cryptography. Furthermore, GRAPHENE delves into the interconnections between these layers, exploring how vulnerabilities in one layer can be leveraged to exploit vulnerabilities in others. In this paper, we present the end-to-end pipeline implemented in GRAPHENE, showcasing the systematic approach adopted for conducting this thorough security analysis. 

Digital signatures are a fundamental building block for ensuring integrity and authenticity of contents delivered by the Named Data Networking (NDN) systems. However, current digital signature schemes adopted by NDN open source libraries have a high computational and communication overhead making them unsuitable for high throughput applications like video streaming and virtual reality gaming. In this poster, we propose a real-time digital signature mechanism for NDN based on the offline-online signature framework known as Structure-free and Compact Real-time Authentication scheme (SCRA). Our signature mechanism significantly reduces the signing and verification costs and provides different variants to optimize for the specific requirements of applications (i.e. signing overhead, verification overhead or communication cost). Our experiments results show that SCRA is a suitable framework for latency-sensitive NDN applications.