
Vulnerability (computing)

About: Vulnerability (computing) is a research topic. Over its lifetime, 8531 publications have been published within this topic, receiving 116697 citations. The topic is also known as: vuln & security vulnerability.


Journal Article, DOI: 10.1109/TSE.1987.232894
Dorothy E. Denning (1 institution)
Abstract: A model of a real-time intrusion-detection expert system capable of detecting break-ins, penetrations, and other forms of computer abuse is described. The model is based on the hypothesis that security violations can be detected by monitoring a system's audit records for abnormal patterns of system usage. The model includes profiles for representing the behavior of subjects with respect to objects in terms of metrics and statistical models, and rules for acquiring knowledge about this behavior from audit records and for detecting anomalous behavior. The model is independent of any particular system, application environment, system vulnerability, or type of intrusion, thereby providing a framework for a general-purpose intrusion-detection expert system.

3,171 Citations

Open access, Journal Article, DOI: 10.1109/JSAC.2002.806121
Andrei Sabelfeld, Andrew C. Myers (1 institution)
Abstract: Current standard security practices do not provide substantial assurance that the end-to-end behavior of a computing system satisfies important security policies such as confidentiality. An end-to-end confidentiality policy might assert that secret input data cannot be inferred by an attacker through the attacker's observations of system output; this policy regulates information flow. Conventional security mechanisms such as access control and encryption do not directly address the enforcement of information-flow policies. Previously, a promising new approach has been developed: the use of programming-language techniques for specifying and enforcing information-flow policies. In this paper, we survey the past three decades of research on information-flow security, particularly focusing on work that uses static program analysis to enforce information-flow policies. We give a structured view of work in the area and identify some important open challenges.

  • Fig. 2. Command syntax.
  • Fig. 1. An implicit flow.
  • Fig. 4. Evolution of language-based information flow.
  • Fig. 3. Security-type system.

1,969 Citations

Journal Article, DOI: 10.1145/1952982.1952995
Yao Liu, Peng Ning, Michael K. Reiter (2 institutions)
Abstract: A power grid is a complex system connecting electric power generators to consumers through power transmission and distribution networks across a large geographical area. System monitoring is necessary to ensure the reliable operation of power grids, and state estimation is used in system monitoring to best estimate the power grid state through analysis of meter measurements and power system models. Various techniques have been developed to detect and identify bad measurements, including interacting bad measurements introduced by arbitrary, nonrandom causes. At first glance, it seems that these techniques can also defeat malicious measurements injected by attackers. In this article, we expose an unknown vulnerability of existing bad measurement detection algorithms by presenting and analyzing a new class of attacks, called false data injection attacks, against state estimation in electric power grids. Under the assumption that the attacker can access the current power system configuration information and manipulate the measurements of meters at physically protected locations such as substations, such attacks can introduce arbitrary errors into certain state variables without being detected by existing algorithms. Moreover, we look at two scenarios, where the attacker is either constrained to specific meters or limited in the resources required to compromise meters. We show that the attacker can systematically and efficiently construct attack vectors in both scenarios to change the results of state estimation in arbitrary ways. We also extend these attacks to generalized false data injection attacks, which can further increase the impact by exploiting measurement errors typically tolerated in state estimation. We demonstrate the success of these attacks through simulation using IEEE test systems, and also discuss the practicality of these attacks and the real-world constraints that limit their effectiveness.

Topics: Electric power system (57%), Vulnerability (computing) (55%), Power transmission (53%)

1,717 Citations

Open access, Journal Article, DOI: 10.1029/WR018I001P00014
Abstract: Three criteria for evaluating the possible performance of water resource systems are discussed. These measures describe how likely a system is to fail (reliability), how quickly it recovers from failure (resiliency), and how severe the consequences of failure may be (vulnerability). These criteria can be used to assist in the evaluation and selection of alternative design and operating policies for a wide variety of water resource projects. The performance of a water supply reservoir with a variety of operating policies illustrates their use.

1,286 Citations

Topic's top 5 most impactful authors

Jinfu Chen

12 papers, 59 citations

Gregory Levitin

9 papers, 241 citations

Ahmed M. A. Haidar

8 papers, 106 citations

Genserik Reniers

6 papers, 84 citations

Christoph Busch

6 papers, 81 citations

Network Information
Related Topics (5)

14.4K papers, 268K citations

88% related
Access control

32.6K papers, 475K citations

87% related
Computer security model

18.1K papers, 352.9K citations

86% related
Cloud computing security

27.1K papers, 511.8K citations

86% related
Intrusion detection system

28.4K papers, 509.5K citations

86% related