• A Pilot Study in Cyber Security Education Using CyberAIMs: A Simulation-Based Experiment 

      Zoto, Erjon; Kowalski, Stewart James; Frantz, Christopher Konstantin; Lopez Rojas, Edgar Alonso; Katt, Basel (Journal article, 2018)
      We hardly pass any day without hearing of a new cyber attack. The recent ever-increasing occurrence of such attacks has given to researchers, practitioners and others an opportunity to raise awareness and train staff from ...
    • A SAML 2.0 Authentication Middleware for ASP.NET Core 

      Musyimi, Jessy Kyalo (Master thesis, 2018)
      The modern society is becoming more and more depended on information systems to run its critical services. Public infrastructure facilities, including the health services, commercial airlines and nuclear power plants depend ...
    • A Socio-Technical Framework to Improve cyber security training: A Work in Progress 

      Østby, Grethe; Berg, Lars; Kianpour, Mazaher; Katt, Basel; Kowalski, Stewart James (Journal article; Peer reviewed, 2019)
      In this paper we discuss a work in progress to create a socio-technical system design framework for cyber security training exercises (STSD-CSTE) to support the development of cyber security training in the Norwegian Cyber ...
    • A Survey of Automated Information Exchange Mechanisms Among CERTs 

      Yamin, Muhammad Mudassar; Katt, Basel (Journal article; Peer reviewed, 2019)
      Nowadays innovative computer related exploits are released every single day, which makes researching about those exploits a significant task. A CERT (Computer Emergency Response Team) is an expert group that is responsible ...
    • Assuring trust in .NET assemblies by instrumentation 

      Hagen, Hans Oluf (Master thesis, 2017)
      SuperOffice is a software company developing SuperOffice CRM software. The traditional hosting option is the on-site solution where the customer is responsible for hosting and maintenance. SuperOffice CRM is quite extensible ...
    • Automated Malware Analysis Platform 

      Holm, Kristian Sigtbakken; Kvalvåg, Martin; Fauskrud, Nikolai; Hoggen, Olav Henrik (Bachelor thesis, 2019)
      Alle bedrifter trenger en måte å sikre virksomheten deres, og i dagens digitale tidsalder er dette spesielt fokusert mot å beskytte digitale systemer mot skadelige og ondsinnede entiteter. Denne beskyttelsen blir i dag ...
    • Cyber Ranges and Security Testbeds: Scenarios, Functions, Tools and Architecture 

      Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios (Journal article; Peer reviewed, 2019)
      The first line of defense against cyber threats and cyber crimes is to be aware and get ready, e.g., through cyber security training. Training can have two forms, the first is directed towards security professionals and ...
    • Cyber security testbed provisioning using a domain specific language 

      Dunfjeld, Mihkal (Master thesis, 2019)
      Praktiske oppgaver i ett virtualisert testmiljø er en effektiv metode for studenter å lære cybersikkerhet. For å kunne sette opp slike testmiljøer er en avhengig av kunnskap, tid og ressurser siden dette er en komplisert ...
    • Cyber Weapons Storage Mechanisms 

      Yamin, Muhammad Mudassar; Katt, Basel; Kianpour, Mazaher (Journal article; Peer reviewed, 2019)
      In this paper, the current status of the art of cyber weapon storage methods and related processes are reviewed with particular reference to the safe guards present in storage of cyber weapons and contingency planning in ...
    • CyberAIMs: A tool for teaching adversarial and systems thinking 

      Zoto, Erjon; Kowalski, Stewart James; Katt, Basel; Frantz, Christopher; Lopez Rojas, Edgar Alonso (Chapter, 2018)
      CyberAIMs stands for Cyber Agents’ Interactive Modeling and Simulation. We designed this tool in order to use it as an educational tool to teach Master students in a Cyber security course. This paper aims to describe the ...
    • Detecting Windows Based Exploit Chains by Means of Event Correlation and Process Monitoring 

      Yamin, Muhammad Mudassar; Katt, Basel; Gkioulos, Vasileios (Journal article; Peer reviewed, 2019)
      This article presents a novel algorithm for the detection of exploit chains in a Windows based environment. An exploit chain is a group of exploits that executes synchronously, in order to achieve the system exploitation. ...
    • Development of Ontology-Based Software Security Learning System with Contextualized Learning Approach 

      Wen, Shao-Fang; Katt, Basel (Journal article; Peer reviewed, 2019)
      Learning software security is one of the most challenging tasks in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding the practical applications. The ...
    • Ethical Problems and Legal Issues in Development and Usage Autonomous Adversaries in Cyber Domain 

      Yamin, Muhammad Mudassar; Katt, Basel (Journal article; Peer reviewed, 2019)
      An autonomous adversaries in cyber domain are new type of adversaries present in a cyber security exercise. Traditionally, adversaries in cyber security exercises are human who perform the roles of attackers and defenders. ...
    • Implementation of Insider Threat Detection System Using Honeypot Based Sensors and Threat Analytics 

      Yamin, Muhammad Mudassar; Katt, Basel; Sattar, Kashif; Bin Ahmed, Maaz (Journal article; Peer reviewed, 2019)
      An organization is a combination of vision, technology and employees. The well being of organization is directly associated with the honesty of its workers. However, an organization is also threatened by misuse of information ...
    • Learning Software Security in Context: An Evaluation in Open Source Software Development Environment 

      Wen, Shao-Fang; Katt, Basel (Chapter, 2019)
      Learning software security has become a complex and difficult task today than it was even a decade ago. With the increased complexity of computer systems and a variety of applications, it is hard for software developers ...
    • Managing Software Security Knowledge in Context: An Ontology Based Approach 

      Wen, Shao-Fang; Katt, Basel (Journal article; Peer reviewed, 2019)
      Knowledge of software security is highly complex since it is quite context-specific and can be applied in diverse ways. To secure software development, software developers require not only knowledge about general security ...
    • Preliminary Evaluation of an Ontology-Based Contextualized Learning System for Software Security 

      Wen, Shao-Fang; Katt, Basel (Chapter, 2019)
      Learning software security is a big challenging task in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding the practical applications. The traditional ...
    • Processing of Notifications Produced by Intrusion Detection Systems in CERN’s Security Operations Centre 

      Råheim, Amund Faller (Bachelor thesis, 2017)
      This thesis focuses on the implementation of an application processing notifications produced by intrusion detection systems. Notifications are produced upon detection of a known indicator of compromise in the network ...
    • Security Assurance of REST API based applications 

      Prasher, Nishu (Master thesis, 2018)
      Security assurance is the confidence that a system meets its security requirements, based on specific evidences that an assurance technique provide. In this thesis, I have proposed a quantification method which aims to ...
    • Security Knowledge Management in Open Source Software Communities 

      Wen, Shao-Fang; Kianpour, Mazaher; Katt, Basel (Chapter, 2019)
      Open source software (OSS) communities are groups of individuals, technical or non-technical, interacting with collaborating peers in online communities of practices to develop OSS, solve particular software problems and ...