Skip to main content
To KTH's start page

Publications

Publications associated with the CDIS research projects

2023

L. Backlund, K. Ngo, J. Gärtner, and E. Dubrova, "Secret Key Recovery Attack on Masked and Shuffled Implementations of CRYSTALS-Kyber and Saber". In: Zhou, J., et al. Applied Cryptography and Network Security Workshops. ACNS 2023. Lecture Notes in Computer Science, vol 13907. Springer, Cham, doi: 10.1007/978-3-031-41181-6_9

E. Dubrova, K. Ngo, J. Gärtner, and R. Wang, "Breaking a Fifth-Order Masked Implementation of CRYSTALS-Kyber by Copy-Paste", in Proceedings of the 10th ACM Asia Public-Key Cryptography Workshop, Melbourne, Australia, 2023, pp. 10-20, doi: 10.1145/3591866.3593072

 V. Engström, P. Johnson, R. Lagerström, E. Ringdahl, and M. Wällstedt, "Automated Security Assessments of Amazon Web Service Environments", ACM Transactions on Privacy and Security, 26(2), 1-31, doi: 10.1145/3570903

L. Fernandez and G. Karlsson, "Black-box Fuzzing for Security in Managed Networks: An Outline," in IEEE Networking Letters, doi: 10.1109/LNET.2023.3286443 .

J. Gärtner, "NTWE: A Natural Combination of NTRU and LWE". In: Johansson, T., Smith-Tone, D. (eds) Post-Quantum Cryptography. PQCrypto 2023. Lecture Notes in Computer Science, vol 14154. Springer, Cham, doi: 10.1007/978-3-031-40003-2_12

J. Gärtner, "Concrete Security from Worst-Case to Average-Case Lattice Reductions". In: El Mrabet, N., De Feo, L., Duquesne, S. (eds) Progress in Cryptology - AFRICACRYPT 2023. AFRICACRYPT 2023. Lecture Notes in Computer Science, vol 14064. Springer, Cham, doi: 10.1007/978-3-031-37679-5_15

K. Hammar and R. Stadler, "Learning Near-Optimal Intrusion Responses Against Dynamic Attackers," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2023.3293413 .

K. Hammar and R. Stadler, "Digital Twins for Security Automation," NOMS 2023-2023 IEEE/IFIP Network Operations and Management Symposium, Miami, FL, USA, 2023, pp. 1-6, doi: 10.1109/NOMS56928.2023.10154288 .

2022

M. Brisfors, M. Moriatis, and E. Dubrova, "Do not rely on clock randomization: A side-channel attack on a protected hardware implementation of AES," 15th International Symposium on Foundations & Practice of Security (FPS'2022), Ottawa, Canada.

V. Engström and R. Lagerström, "Two decades of cyberattack simulations: A systematic literature review," Computers & security, vol. 116, s. 102681-102681, doi: 10.1016/j.cose.2022.102681

U. Franke, A. Andreasson, H. Artman, J.Brynielsson, S. Varga, and N. Vilhelm, " Cyber situational awareness issues and challenges," in Cybersecurity and Cognitive Science, A. A. Moustafa, Ed. San Diego: Academic Press, 2022, pp. 235-265, doi: 10.1016/B978-0-323-90570-1.00015-2

K. Hammar and R. Stadler, "An Online Framework for Adapting Security Policies in Dynamic IT Environments," 2022 18th International Conference on Network and Service Management (CNSM), Thessaloniki, Greece, 2022, pp. 359-363, doi: 10.23919/CNSM55787.2022.9964838 .

K. Hammar and R. Stadler, "A System for Interactive Examination of Learned Security Policies," NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, 2022, pp. 1-3, doi: 10.1109/NOMS54207.2022.9789707

K. Hammar and R. Stadler, "Intrusion Prevention through Optimal Stopping," in IEEE Transactions on Network and Service Management, doi: 10.1109/TNSM.2022.3176781

K. Hammar and R. Stadler. "Learning Security Strategies through Game Play and Optimal Stopping", ICML Ml4Cyber Workshop 2022: International Conference on Machine Learning, arXiv: 2205.14694 .

 J. Nyberg, P. Johnson, and A. Méhes, "Cyber threat response using reinforcement learning in graph-based attack simulations," NOMS 2022-2022 IEEE/IFIP Network Operations and Management Symposium, 2022, pp. 1-4, doi: 10.1109/NOMS54207.2022.9789835

K. Ngo, and E. Dubrova, "Side-Channel Analysis of the Random Number Generator in STM32 MCUs," Proceedings of the Great Lakes Symposium on VLSI 2022, doi: 10.1145/3526241.3530324

K. Ngo, R. Wang, E. Dubrova, and N. Paulsrud, "Side-channel attacks on lattice-based KEMs are not prevented byhigher-order masking," Cryptology ePrint Archive

R. Wang, K. Ngo, and E. Dubrova, "A message recovery attack on LWE/LWR-based PKE/KEMs using amplitude modulated EM emanations," 25th Annual International Conference on Information Security and Cryptology.

R. Wang, K. Ngo, and E. Dubrova, "Side-channel analysis of Saber KEM using amplitude-modulated EM emanations,"  Euromicro Conference on Digital Systems Design 2022.

R. Wang, K. Ngo, and E. Dubrova, "Making biased DL models work: Message and key recovery attacks on saber using amplitude-modulated EM emanations," Cryptology ePint Archive

2021

A. Andreasson, H. Artman, J. Brynielsson and U. Franke, “A census of Swedish public sector employee communication on cybersecurity during the COVID-19 pandemic,” 2021 International Conference on Cyber Situational Awareness, Data Analytics and Assessment (CyberSA), 2021, pp. 1-8, doi: 10.1109/CyberSA52016.2021.9478241

M. Birgersson, C. Artho and M. Musard, "Security-Aware Multi-User Architecture for IoT," 21st IEEE International Conference on Software Quality, Reliability, and Security (QRS'21), 2021, urn: urn:nbn:se:kth:diva-305259

M. Grenfeldt, A. Olofsson, V. Engström and R. Lagerström, "Attacking Websites Using HTTP Request Smuggling: Empirical Testing of Servers and Proxies," 2021 IEEE 25th International Enterprise Distributed Object Computing Conference (EDOC), 2021, pp. 173-181, doi: 10.1109/EDOC52215.2021.00028 .

K. Hammar and R. Stadler, "Learning Intrusion Prevention Policies through Optimal Stopping," 2021 17th International Conference on Network and Service Management (CNSM), 2021, pp. 509-517, doi: 10.23919/CNSM52442.2021.9615542 .

K. Ngo, E. Dubrova, and T. Johansson, "Breaking masked and shuffled CCA secure Saber KEM by power analysis," in Proceedings of the 5th Workshop on Attacks and Solutions in Hardware Security 2021, doi: 10.1145/3474376.3487277

K. Ngo, E. Dubrova, Q. Guo, and T. Johansson, “A Side-Channel Attack on a Masked IND-CCA Secure Saber KEM Implementation”, IACR Transactions on Cryptographic Hardware and Embedded Systems, 2021(4), 676–707. doi: 10.46586/tches.v2021.i4.676-707

2020

A. Andreasson, H. Artman, J. Brynielsson, and U. Franke, “A census of Swedish government administrative authority employee communications on cybersecurity during the COVID-19 pandemic,” in Proceedings of the 2020 IEEE/ACM International Conference on Advances in Social Networks Analysis and Mining (ASONAM 2020). IEEE, 2020, pp. 727-733, doi: doi.org/10.1109/ASONAM49781.2020.9381324

K. Hammar and R. Stadler, “Finding Effective Security Strategies through Reinforcement Learning and Self-Play,” 2020 16th International Conference on Network and Service Management (CNSM), Izmir, Turkey, 2020, pp. 1-9, doi: 10.23919/CNSM50824.2020.9269092