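%
% GENERATED FROM http://acme.able.cs.cmu.edu
% by : anonymous
% IP : ec2-18-223-209-129.us-east-2.compute.amazonaws.com
% at : Sun, 24 Nov 2024 12:55:13 -0500 GMT
%
% Selection : Author: Ryan_Wagner
%
% Layout: one entry per publication, one field per line; citation keys are
% kept exactly as exported so existing \cite commands keep resolving.
% Months use the predefined BibTeX macros (jan..dec); conference day ranges
% are concatenated onto the macro with "#".
% Landing pages and DOIs live in url/doi rather than note.
% NOTE(review): the pdf/url links below are plain http as exported; confirm
% whether an https endpoint exists before automating downloads from them.

% Technical report CMU-ISR-17-100: the APT exemplar attack scenario.
@techreport{Wagner:APT:2017,
  author      = {Wagner, Ryan and Fredrikson, Matthew and Garlan, David},
  title       = {An Advanced Persistent Threat Exemplar},
  year        = {2017},
  month       = jul,
  number      = {CMU-ISR-17-100},
  institution = {Institute of Software Research, Carnegie Mellon University},
  url         = {http://reports-archive.adm.cs.cmu.edu/anon/isr2017/abstracts/17-100.html},
  pdf         = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/CMU-ISR-17-100.pdf},
  abstract    = {Security researchers do not have sufficient example systems for conducting research on advanced persistent threats, and companies and agencies that experience attacks in the wild are reluctant to release detailed information that can be examined. In this paper, we describe an Advanced Persistent Threat Exemplar that is intended to provide a real-world attack scenario with sufficient complexity for reasoning about defensive system adaptation, while not containing so much information as to be too complex. It draws from actual published attacks and experiences as a security engineer by the authors.},
  keywords    = {Science of Security},
}

% Unpublished manuscript: APT cyber range for self-adaptive systems research.
@unpublished{2018/APTArtifact,
  author   = {Wagner, Ryan and Garlan, David and Fredrikson, Matthew},
  title    = {An Advanced Persistent Threat Simulation Range for Research of Self-Adaptive Systems},
  year     = {2018},
  note     = {Submitted for publication},
  pdf      = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/APT_Testbed.pdf},
  abstract = {While security is important to self-adaptive systems research, it is particularly difficult to simulate the characteristics of the most insidious adversary, the advanced persistent threat (APT). The research community requires an APT simulation environment that provides the realism and depth that is necessary for a sufficient simulation, but this should not be too complex, difficult, or expensive to use. Additionally, a successful simulation environment must ensure that malware does not escape into the wild. We present a cyber range for self-adaptive systems researchers to simulate APTs, complete with an example system under test and attack scenario.},
  keywords = {Science of Security},
}

% HotSoS 2018 poster on secure, graceful degradation.
@inproceedings{2018:Wagner:HotSoS,
  author    = {Wagner, Ryan and Garlan, David and Fredrikson, Matthew},
  title     = {Poster: Quantitative Underpinnings of Secure, Graceful Degradation},
  booktitle = {Proceedings of the 2018 Symposium of Hot Topics in the Science of Security},
  address   = {Raleigh, North Carolina},
  year      = {2018},
  month     = "10--11~" # apr,
  pdf       = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/hotsos-gracefuldegradation.pdf},
  keywords  = {Science of Security},
}

% MEMOCODE 2019 paper: observability as a first-class concern in APT defense.
% The exported booktitle read "MEMCODE\'19": the \' would typeset an accent
% over the digit, and the acronym was misspelled (the pdf name says memocode).
@inproceedings{Kinneer:2019:observability,
  author    = {Kinneer, Cody and Wagner, Ryan and Fang, Fei and Le Goues, Claire and Garlan, David},
  title     = {Modeling Observability in Adaptive Systems to Defend Against Advanced Persistent Threats},
  booktitle = {Proceedings of the 17th {ACM-IEEE} International Conference on Formal Methods and Models for Systems Design ({MEMOCODE}'19)},
  address   = {San Diego, USA},
  year      = {2019},
  month     = "9--11~" # oct,
  pdf       = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/memocode2019.pdf},
  abstract  = {Advanced persistent threats (APTs) are a particularly troubling challenge for software systems. The adversarial nature of the security domain, and APTs in particular, poses unresolved challenges to the design of self-* systems, such as how to defend against multiple types of attackers with different goals and capabilities. In this interaction, the observability of each side is an important and under-investigated issue in the self-* domain. We propose a model of APT defense that elevates observability as a first-class concern. We evaluate this model by showing how an informed approach that uses observability improves the defender's utility compared to a uniform random strategy, can enable robust planning through sensitivity analysis, and can inform observability-related architectural design decisions.},
  keywords  = {Science of Security, Self-adaptation},
}

% ESEC/FSE 2021 paper (Distinguished Paper Award): MaxSAT-backed extension of Alloy.
% The trailing period was dropped from the title; the style supplies punctuation.
@inproceedings{2021:FSE:Chang,
  author    = {Zhang, Changjian and Wagner, Ryan and Orvalho, Pedro and Garlan, David and Manquinho, Vasco and Martins, Ruben and Kang, Eunsuk},
  title     = {{AlloyMax}: Bringing Maximum Satisfaction to Relational Specifications},
  booktitle = {The {ACM} Joint European Software Engineering Conference and Symposium on the Foundations of Software Engineering ({ESEC/FSE}) 2021},
  address   = {Virtual},
  year      = {2021},
  month     = "23--28~" # aug,
  note      = {Distinguished Paper Award},
  abstract  = {Alloy is a declarative modeling language based on a first-order relational logic. Its constraint-based analysis has enabled a wide range of applications in software engineering, including configuration synthesis, bug finding, test-case generation, and security analysis. Certain types of analysis tasks in these domains involve finding an optimal solution. For example, in a network configuration problem, instead of finding any valid configuration, it may be desirable to find one that is most permissive (i.e., it permits a maximum number of packets). Due to its dependence on SAT, however, Alloy cannot be used to specify and analyze these types of problems. We propose AlloyMax, an extension of Alloy with a capability to express and analyze problems with optimal solutions. AlloyMax introduces (1) a small addition of language constructs that can be used to specify a wide range of problems that involve optimality and (2) a new analysis engine that leverages a Maximum Satisfiability (MaxSAT) solver to generate optimal solutions. To enable this new type of analysis, we show how a specification in a first-order relational logic can be translated into an input format of MaxSAT solvers---namely, a Boolean formula in weighted conjunctive normal form (WCNF). We demonstrate the applicability and scalability of AlloyMax on a benchmark of problems. To our knowledge, AlloyMax is the first approach to enable analysis with optimality in a relational modeling language, and we believe that AlloyMax has the potential to bring a wide range of new applications to Alloy.},
  keywords  = {Formal Methods, Planning},
}

% Computers and Security 140 (2024): network-side FluBot botnet detection and
% operator tactics for 5G. The ampersand in the journal name and abstract is
% escaped, since a bare one is a LaTeX alignment character.
@article{Sousa:2024:Security,
  author   = {Sousa, Bruno and Dias, Duarte and Antunes, Nuno and C{\'a}mara, Javier and Wagner, Ryan and Schmerl, Bradley and Garlan, David and Fidalgo, Pedro},
  title    = {{MONDEO-Tactics5G}: Multistage botnet detection and tactics for {5G/6G} networks},
  journal  = {Computers \& Security},
  volume   = {140},
  year     = {2024},
  month    = may,
  doi      = {10.1016/j.cose.2024.103768},
  pdf      = {http://acme.able.cs.cmu.edu/pubs/uploads/pdf/MONDEO_AIDA.pdf},
  abstract = {Mobile malware is a malicious code specifically designed to target mobile devices to perform multiple types of fraud. The number of attacks reported each day is increasing constantly and is causing an impact not only at the end-user level but also at the network operator level. Malware like FluBot contributes to identity theft and data loss but also enables remote Command \& Control (C2) operations, which can instrument infected devices to conduct Distributed Denial of Service (DDoS) attacks. Current mobile device-installed solutions are not effective, as the end user can ignore security warnings or install malicious software. This article designs and evaluates MONDEO-Tactics5G - a multistage botnet detection mechanism that does not require software installation on end-user devices, together with tactics for 5G network operators to manage infected devices. We conducted an evaluation that demonstrates high accuracy in detecting FluBot malware, and in the different adaptation strategies to reduce the risk of DDoS while minimising the impact on the clients' satisfaction by avoiding disrupting established sessions.},
  keywords = {Rainbow},
}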