Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University

Digital Library

Kyle O'Meara
December 2017 - White Paper Embedded Device Vulnerability Analysis Case Study Using Trommel

Topics: Vulnerability Analysis

This document provides security researchers with a repeatable methodology to produce more thorough and actionable results when analyzing embedded devices for vulnerabilities.

October 2017 - Technical Report 2017 Emerging Technology Domains Risk Survey

Topics: Cyber-Physical Systems, Vulnerability Analysis

This report describes our understanding of future technologies and helps US-CERT identify vulnerabilities, promote security practices, and understand vulnerability risk.

May 2016 - Technical Report Using Honeynets and the Diamond Model for ICS Threat Analysis

Topics: Vulnerability Analysis

This report presents an approach to analyzing approximately 16 gigabytes of full packet capture data collected from an industrial control system honeynet—a network of seemingly vulnerable machines designed to lure attackers.

April 2016 - Technical Report A Unique Approach to Threat Analysis Mapping: A Malware-Centric Methodology

As they constantly change network infrastructure, adversaries consistently use and update their tools. This report presents a way for researchers to begin threat analysis with those tools rather than with network or incident data alone.

March 2016 - White Paper Malware Capability Development Patterns Respond to Defenses: Two Case Studies

Topics: Malware Analysis

In this paper, the authors describe their analysis of two case studies to outline the relationship between adversaries and network defenders.