Basel KattNorwegian University of Science and Technology | NTNU · department of
Basel Katt
Professor
About
69
Publications
21,094
Reads
How we measure 'reads'
A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more
787
Citations
Introduction
Skills and Expertise
Publications
Publications (69)
System Security Assurance (SSA) has emerged as a critical methodology for organizations to verify the trustworthiness of their systems by evaluating security measures against industry standards, legal requirements, and best practices to identify any weakness and demonstrate compliance. In recent years, the role of Artificial Intelligence (AI) in en...
Uncensored LLMs represent a category of language models free from ethical constraints, thus prone to misuse for various malicious purposes like generating malware. However, their capabilities fall short compared to commercially available LLMs, which are censored and unsuitable for such nefarious activities. Previously, researchers could bypass cens...
This study proposes a novel approach leveraging Large Language Models (LLMs) to generate dynamic and complex adaptable cybersecurity exercise scenarios. Motivated by Turing’s seminal exploration into machine cognition, which questions the ability of machines to mimic human thought and intelligence. By exploiting the generative potential of LLMs, ou...
System Security Assurance (SSA) has emerged as a critical methodology for organizations to verify the trustworthiness of their systems by evaluating security measures against industry standards, legal requirements, and best practices to identify any weakness and demonstrate compliance. In recent years, the role of Artificial Intelligence (AI) in en...
The health sector is a critical and vulnerable infrastructure, making it an easy target for hackers and attackers. Healthcare is also a highly trusted sector that contains sensitive and personal information; therefore, exploiting its vulnerabilities can lead to great financial and political gains. The digital twin is an emerging technology that cou...
This two-volume set LNCS 14398 and LNCS 14399 constitutes the refereed proceedings of eleven International Workshops which were held in conjunction with the 28th European Symposium on Research in Computer Security, ESORICS 2023, in The Hague, The Netherlands, during September 25-29, 2023.
The 22 regular papers included in these proceedings stem fro...
This study proposes a novel approach leveraging Large Language Models (LLMs) to generate dynamic and complex adaptable cybersecu-rity exercise scenarios. Motivated by Turing’s sem-inal exploration into machine cognition, which questions the ability of machines to mimic human thought and intelligence. By exploiting the generative potential of LLMs,...
Purpose
Security assurance evaluation (SAE) is a well-established approach for assessing the effectiveness of security measures in systems. However, one aspect that is often overlooked in these evaluations is the assurance context in which they are conducted. This paper aims to explore the role of assurance context in system SAEs and proposes a con...
Due to the high adoption of cloud services, the protection of data and information is critical. Cloud service customers (CSCs) need help to obtain the authoritative assurances required for the cloud services and negotiate the cloud service contract based on the terms and conditions set by cloud service providers (CSPs). Several standards and guidel...
With the passage of time, many cyber security training programs are being developed. These programs teach skills ranging from ethical hacking to different cyber defence operations. Teaching or training such skills is a complex undertaking and requires complex platforms and tools, like cyber ranges. This is especially true for training and teaching...
Cognitive Digital Twin (CDT) is an extension of Digital Twin with cognitive capabilities to monitor and analyse complex and unforeseen behaviours and to ensure critical reasoning and decision-making. Thus, CDT has a potential for enhancing cybersecurity for the Internet of Things (IoT)-based applications such as smart homes. In this paper, we devel...
The use of IoT devices has increased rapidly in recent times. While the development of new devices is moving quickly, and as prices are being forced down, the costs of developing such devices also needs to be reduced. IoT devices are now trusted with more critical tasks, and it is important that they behave as intended and that the information they...
Security assurance is a critical aspect in determining the trustworthiness of information and communication technology systems. Security assurance evaluation (SAE) is the process responsible for gathering assurance shreds of evidence to check if the defined security requirements are fulfilled. SAE can be generally categorized into qualitative and q...
Internet of Things (IoT) devices are becoming a part of our daily life; from health monitors to critical infrastructure, they are used everywhere. This makes them ideal targets for malicious actors to exploit for nefarious purposes. Recent attacks like the Mirai botnet are just examples in which default credentials were used to exploit thousands of...
Security assurance evaluation (SAE) is a technique that helps organizations to appraise the trust and confidence that a system can be operated correctly and securely. This paper contributes to the research on quantitative SAE by proposing an ontology-based assurance metrics computation solution, which consists of (1) a quantitative SAE approach, (2...
Security assurance (SA) is a technique that helps organizations to appraise the trust and confidence that a system can be operated correctly and securely. To foster effective SA, there must be systematic techniques to reflect the fact that the system meets its security requirements and, at the same time, is resilient against security vulnerabilitie...
System security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediate and enforce the security policy and are resilient against
security failure and attacks. Alongside the significant benefits of security assurance, the evolution of new information and communication technology...
With the ever-changing cybersecurity landscape, the need for a continuous training for new cybersecurity skill sets is a requirement. Such continuous training programs can be delivered on platforms like cyber ranges. Cyber ranges support training by providing a simulated or emulated representation of a computer network infrastructure, besides addit...
Cyber security is a big challenge nowadays. However, the lack of qualified individuals and awareness is making the current situation more problematic. One way to address this problem is through National cyber security competitions. Such competitions provide large-scale awareness of cyber security issues and motivate individuals to join the cyber se...
Open-source intelligence (OSINT) tools are used for gathering information using different publicly available sources. With the rapid advancement in information technology and excessive use of social media in our daily lives, more public information sources are available than ever before. The access to public information from different sources can b...
The skill shortage in global cybersecurity is a well-known problem; to overcome this issue, cyber ranges have been developed. These ranges provide a platform for conducting cybersecurity exercises; however, conducting such exercises is a complex process because they involve people with different skill sets for the scenario modeling, infrastructure...
The introduction of Information and Communications Technology (ICT) into conventional power grids has resulted in a digitalized smart grid, enabling a more efficient and robust operation. However, it can also lead to increased risk and new threats due to more complex systems and longer supply chains. Recent events indicate that the electrical power...
Security assurance provides the confidence that security features, practices, procedures, and architecture of software systems mediateand enforce the security policy and are resilient against security failure and attacks. Alongside the significant benefits of securityassurance, the evolution of new information and communication technology (ICT) int...
Technology is evolving at a rapid rate. From security specialists to average citizens, this poses a problem: individuals’ technological skill sets are quickly made obsolete. This makes the knowledge and understanding of cyber-security in a technologically evolving world difficult. Global IT infrastructure and individuals’ privacy are constantly und...
With the increasing popularization of cybersecurity concepts due to ever increasing cybersecurity incidents, it is no secret that countries worldwide are investing heavily in cybersecurity education to build the necessary talent pool to cope with future cybersecurity challenges. At the same time, different cybersecurity competitions are being organ...
Artificial intelligence (AI)-based technologies are actively used for purposes of cyber defense. With the passage of time and with decreasing complexity in implementing AI-based solutions, the usage of AI-based technologies for offensive purposes has begun to appear in the world. These attacks vary from tampering with medical images using adversari...
Information Technology (IT) has become an essential part of our lives and due to the emergence of the Internet-of-Things (IoT), technology has encompassed a majority of things that humans rely on in their daily lives. Furthermore, as IT becomes more relevant in daily lives, the need for IT to serve public emergency services has become more importan...
Information Technology (IT) has become an essential part of our lives and due to the emergence of Internet-of-Things (IoT), technology has encompassed a majority of things that humans rely on in their daily lives. Further, as IT becomes more relevant in daily lives, the need for IT to serve public emergency services has become more important. Howev...
In this paper we propose a role model that can be applied in societal cyber crisis management to build safety and standard procedures during cyber security crisis. We define societal cyber crisis as the cyber crisis which affect the society in which disaster is or might be the consequence. The process to create our model started by analyzing regula...
Our world is getting evolved to smart world day by day. This smart world is being developed to make people life easier through the data generated by the smart devices. Data is the fuel that powers the smart world evolution, however, making things smart have its consequences. Smart devices are inherently vulnerable to cyber attacks, that’s why we ar...
We present source code patterns that are difficult for modern static code analysis tools. Our study comprises 50 different open source projects in both a vulnerable and a fixed version for XSS vulnerabilities reported with CVE IDs over a period of seven years. We used three commercial and two open source static code analysis tools. Based on the rep...
This article presents a novel algorithm for the detection of exploit chains in a Windows based environment. An exploit chain is a group of exploits that executes synchronously, in order to achieve the system exploitation. Unlike high-risk vulnerabilities that allow system exploitation using only one execution step, an exploit chain takes advantage...
An organization is a combination of vision, technology and employees. The wellbeing of organization is directly associated with the honesty of its workers. However, an organization is also threatened by misuse of information from its agents like former employees, current employees, vendors or business associates. These kinds of threats which are po...
Web browsers are primary targets of attacks because of their extensive uses and the fact that they interact with sensitive data. Vulnerabilities present in a web browser can pose serious risk to millions of users. Thus, it is pertinent to address these vulnerabilities to provide adequate protection for personally identifiable information. Research...
The first line of defense against cyber threats and cyber crimes is to be aware and get ready, e.g., through cyber security training. Training can have two forms, the first is directed towards security professionals and aims at improving understanding of the latest threats and increasing skill levels in defending and mitigating against them. The se...
The field of cyber security is getting diversified day by day, with new specialist responsibilities and roles at different levels of competence being required by the industry. The competencies can be mapped with required skills set in multiple cyber security certification programs. However, different certification programs use different curricula a...
Learning software security has become a complex and difficult task today than it was even a decade ago. With the increased complexity of computer systems and a variety of applications, it is hard for software developers to master the expertise required to deal with the variety of security concepts, methods, and technologies that are required in sof...
In this paper, the current status of the art of cyber weapon storage methods and related processes are reviewed with particular reference to the safe guards present in storage of cyber weapons and contingency planning in case of losing controls of such weapons. Existing methods are summarized and new techniques which are currently under development...
The field of cyber security is getting diversified day by day, with new specialist responsibilities and roles at different levels of competence being required by the industry. The competencies can be mapped with required skills set in multiple cyber security certification programs. However, different certification programs use different curricula a...
In the setting of software development, knowledge can be both dynamic and situation specific, and the complexity of knowledge usually exceeds the capacity of individuals to solve problems by themselves. Software developers not only require knowledge about the general security concepts but also about the context for which software is being developed...
Learning software security is one of the most challenging tasks in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding its practical applications. Conventional teaching approaches give little attention to how to improve the effectiveness of learning in the domain of software security....
Learning software security is a big challenging task in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding the practical applications. The traditional teaching and learning materials, which are usually organized topically and security-centric, have fewer linkages with learners' exper...
Learning software security is one of the most challenging tasks in the information technology sector due to the vast amount of security knowledge and the difficulties in understanding the practical applications. The traditional teaching and learning materials, which are usually organized topically and security-centric, have fewer linkages with lear...
Windows command line arguments are used in administration of operating system through a CLI (command line interface). This command line interface gives access to multiple powerful system administration tools like PowerShell and WMIC. In an ideal scenario, access to CLI is restricted for malicious users, and the command line inputs are logged for fo...
Open source software (OSS) communities are groups of individuals, technical or non-technical, interacting with collaborating peers in online communities of practices to develop OSS, solve particular software problems and exchange ideas. People join OSS communities with a different level of programming skills and experience and might lack formal, co...
In the present research paper, the current status of the technology, issues and challenges of Mobile Device Management is reviewed in view of how these technologies can be used to enhance security and access control mechanism. The present methods as well as the new ones under development are discussed in this paper. Some of the current limitations...
Security assurance is the confidence that a system meets its security requirements and is resilient against security vulnerabilities and failures. Existing approaches can be characterized as (1) qualitative in nature, (2) tend to achieve their goals manually to a large extent, (3) very costly, (4) development-process oriented, and finally, (3) trea...
Security assurance is the confidence that a system meets its security requirements based on specific evidences that an assurance technique provide. The notion of measuring security is complex and tricky. Existing approaches either (1) consider one aspect of assurance, like security requirements fulfillment, or threat/vulnerability existence, or (2)...
Education in the information security domain increasingly integrates practical hands-on training; where exercises focusing on secure cyber operations and secure software development are used for training the participants in designing and building secure systems. These exercises utilize multiple approaches in their context, such as capture the flag,...
CyberAIMs stands for Cyber Agents’ Interactive Modeling and Simulation. We designed this tool in order to use it as an educational tool to teach Master students in a Cyber security course. This paper aims to describe the model and explain the design choices behind CyberAIMs in terms of associating them with the emerging concepts within cyber
securi...
The need for effective and efficient evaluation schemes of security assurance is growing in many organizations, especially Small and Medium Enterprises (SMEs). Although there are several approaches and standards for evaluating application security assurance, they are qualitative in nature and depend to a great extent on manually processing. This pa...
Many secure software development methods and tools are well-known and understood. Still, the same software security vulnerabilities keep occurring. To find out if new source code patterns evolved or the same patterns are reoccurring, we investigate SQL injections in PHP open source projects. SQL injections are well-known and a core part of software...