Enterprise systems are growing in complexity, and the adoption of cloud and mobile
services has greatly increased the attack surface. To proactively address these security …

Cyberattack simulations appear across multiple computer security domains and are
interpreted in many different but equally viable ways. However, this makes the topic appear …

Nowadays, IT infrastructures are involved in making innumerable aspects of our lives
convenient, starting with water or energy distribution systems, and ending with e-commerce …

IT systems pervade our society more and more, and we become heavily dependent on them.
At the same time, these systems are increasingly targeted in cyberattacks, making us …

The increase of cyber-attacks raised security concerns for critical assets worldwide in the
last decade. Leading to more efforts spent towards increasing the cyber security among …

Designing secure and reliable systems is a difficult task. Threat modeling is a process that
supports the secure design of systems by easing the understanding of the system's …

This works considers challenges of building and usage a formal knowledge base (model),
which unites the ATT&CK, CAPEC, CWE, CVE security enumerations. The proposed model …

Abstract When protecting the Industrial Control Systems against cyber attacks, it is important
to have as much information as possible to allocate defensive resources properly. In this …

An attack graph is a beneficial tool to network defenders, demonstrating the routes that an
attacker can utilize to acquire entry to a target network. Cyber‐attacks endanger the security …

The metric Time-To-Compromise (TTC) can be used for estimating the time taken for an
attacker to compromise a component or a system. The TTC helps to identify the most critical …