Skip to main content
USENIX
  • Conferences
  • Students
Sign in
  • EVT/WOTE Home
  • Organizers
  • Registration Information
  • Registration Discounts
  • Workshop Program
  • Co-located Workshops
  • Sponsors
  • Students
  • Help Promote
  • For Participants
  • Call for Papers
  • Past Proceedings

twitter

Tweets by @usenix

usenix conference policies

  • Event Code of Conduct
  • Conference Network Policy
  • Statement on Environmental Responsibility Policy

You are here

Home » A Systematic Process-Model-based Approach for Synthesizing Attacks and Evaluating Them
Tweet

connect with us

http://twitter.com/usenix

A Systematic Process-Model-based Approach for Synthesizing Attacks and Evaluating Them

Authors: 

Huong Phan and George S. Avrunin, University of Masschusetts Amherst; Matt Bishop, University of California, Davis; Lori A. Clarke and Leon J. Osterweil, University of Masschusetts Amherst

Abstract: 

This paper describes a systematic approach for incrementally improving the security of election processes by using a model of the process to develop attack plans and then incorporating each plan into the process model to determine if it can complete successfully. More specifically, our approach first applies fault tree analysis to a detailed election process model to find process vulnerabilities that an adversary might be able to exploit, thus identifying potential attacks. Based on such a vulnerability, we then model an attack plan and formally evaluate the process's robustness against such a plan. If appropriate, we also propose modifications to the process and then reapply the approach to ensure that the attack will not succeed. Although the approach is described in the context of the election domain, it would also seem to be effective in analyzing process vulnerability in other domains.

Open Access Media

USENIX is committed to Open Access to the research presented at our events. Papers and proceedings are freely available to everyone once the event begins. Any video, audio, and/or slides that are posted after the event are also free and open to everyone. Support USENIX and our commitment to Open Access.

BibTeX
@inproceedings {179537,
title = {A Systematic {Process-Model-based} Approach for Synthesizing Attacks and Evaluating Them},
booktitle = {2012 Electronic Voting Technology Workshop/Workshop on Trustworthy Elections (EVT/WOTE 12)},
year = {2012},
address = {Bellevue, WA},
url = {https://www.usenix.org/conference/evtwote12/workshop-program/presentation/Phan},
publisher = {USENIX Association},
month = aug,
}
Download
Phan PDF
View the slides

Presentation Video

Presentation Audio

MP3 Download OGG Download

Download Audio

  • Log in or    Register to post comments

© USENIX

  • Privacy Policy
  • Contact Us