Skip to main content
To KTH's start page

Publications

Some recent selected publications from the Software Systems Architecture and Security (SSAS) group.

Journal publications

[1]
S. Katsikeas et al., "Development and validation of coreLang : A threat modeling language for the ICT domain," Computers & security (Print), vol. 146, 2024.
[2]
Z. Afzal et al., "Security Challenges in Energy Flexibility Markets : A Threat Modelling-Based Cyber-Security Analysis," Electronics, vol. 13, no. 22, 2024.
[3]
S. Katsikeas et al., "Empirical evaluation of a threat modeling language as a cybersecurity assessment tool," Computers & security (Print), vol. 140, 2024.
[4]
W. Widel et al., "The meta attack language-a formal description," Computers & security (Print), vol. 130, pp. 103284, 2023.
[5]
M. Ekstedt et al., "Yet another cybersecurity risk assessment framework," International Journal of Information Security, vol. 22, no. 6, pp. 1713-1729, 2023.
[6]
M. Balliu et al., "Challenges of Producing Software Bill of Materials for Java," IEEE Security and Privacy, vol. 21, no. 6, pp. 12-23, 2023.
[7]
E. Rencelj Ling and M. Ekstedt, "Estimating Time-To-Compromise for Industrial Control System Attack Techniques Through Vulnerability Data," SN Computer Science, vol. 4, no. 3, 2023.
[8]
E. Ling and M. Ekstedt, "A threat modeling language for generating attack graphs of substation automation systems," International Journal of Critical Infrastructure Protection, vol. 41, 2023.
[9]
W. Widel, P. Mukherjee and M. Ekstedt, "Security Countermeasures Selection Using the Meta Attack Language and Probabilistic Attack Graphs," IEEE Access, vol. 10, pp. 89645-89662, 2022.
[10]
V. Engström et al., "Automated Security Assessments of Amazon Web Service Environments," ACM Transactions on Privacy and Security, vol. 26, no. 2, pp. 1-31, 2022.
[11]
S. Katsikeas et al., "Research communities in cyber security: A comprehensive literature review," Computer Science Review, vol. 42, pp. 100431-100431, 2021.
[12]
S. Hacks et al., "powerLang : a probabilistic attack simulation language for the power domain," Energy Informatics, vol. 3, no. 1, 2020.
[13]
A. Iqbal, F. Mahmood and M. Ekstedt, "Digital Forensic Analysis of Industrial Control Systems Using Sandboxing : A Case of WAMPAC Applications in the Power Systems," Energies, vol. 12, no. 13, 2019.
[14]
M. Ekstedt et al., "Message from the EDOC 2018 Workshop and Demo Chairs," 22nd IEEE International Enterprise Distributed Object Computing Conference Workshops, EDOCW 2018, vol. 2018-October, 2018.
[15]
P. Johnson et al., "Can the Common Vulnerability Scoring System be Trusted? : A Bayesian Analysis," IEEE Transactions on Dependable and Secure Computing, vol. 15, no. 6, pp. 1002-1015, 2018.
[16]
A. Vernotte et al., "Load Balancing of Renewable Energy : A Cyber Security Analysis," Energy Informatics, vol. 1, 2018.

Conference publications

[1]
V. Engström, G. Nebbione and M. Ekstedt, "A Metalanguage for Dynamic Attack Graphs and Lazy Generation," in ARES 2024 - 19th International Conference on Availability, Reliability and Security, Proceedings, 2024.
[2]
J. Nyberg and P. Johnson, "Structural Generalization in Autonomous Cyber Incident Response with Message-Passing Neural Networks and Reinforcement Learning," in 2024 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE, CSR, 2024, pp. 282-289.
[3]
S. G. E. Gökstorp et al., "Anomaly Detection in Security Logs using Sequence Modeling," in Proceedings of IEEE/IFIP Network Operations and Management Symposium 2024, NOMS 2024, 2024.
[4]
M. Balliu et al., "Software Bill of Materials in Java," in SCORED 2023 - Proceedings of the 2023 Workshop on Software Supply Chain Offensive Research and Ecosystem Defenses, 2023, pp. 75-76.
[5]
J. Nyberg, P. Johnson and A. Mehes, "Cyber threat response using reinforcement learning in graph-based attack simulations," in Proceedings of the IEEE/IFIP Network Operations and Management Symposium 2022 : Network and Service Management in the Era of Cloudification, Softwarization and Artificial Intelligence, NOMS 2022, 2022.
[6]
O. Kraft et al., "Development and Implementation of a Holistic Flexibility Market Architecture," in 2022 IEEE Power and Energy Society Innovative Smart Grid Technologies Conference, ISGT 2022, 2022.
[7]
N. Muller et al., "Threat Scenarios and Monitoring Requirements for Cyber-Physical Systems of Flexibility Markets," in 2022 IEEE PES Generation, Transmission and Distribution Conference and Exposition - Latin America, IEEE PES GTD Latin America 2022, 2022.
[8]
P. Fahlander et al., "Containment Strategy Formalism in a Probabilistic Threat Modelling Framework," in Proceedings of the 8th international conference on information systems security and privacy (ICISSP), 2022, pp. 108-120.
[9]
E. Rencelj Ling and M. Ekstedt, "Estimating the Time-To-Compromise of Exploiting Industrial Control System Vulnerabilities," in Proceedings of the 8th International Conference on Information Systems Security and Privacy - ICISSP, 2022, pp. 96-107.
[10]
A. Gylling et al., "Mapping Cyber Threat Intelligence to Probabilistic Attack Graphs," in PROCEEDINGS OF THE 2021 IEEE INTERNATIONAL CONFERENCE ON CYBER SECURITY AND RESILIENCE (IEEE CSR), 2021, pp. 304-311.
[11]
E. Rencelj Ling and M. Ekstedt, "Generating Threat Models and Attack Graphs based on the IEC 61850 System Configuration description Language," in Proceedings of the 2021 ACM Workshop on Secure and Trustworthy Cyber-Physical Systems, 2021.
[12]
N. Kakouros, P. Johnson and R. Lagerström, "Detecting plagiarism in penetration testing education," in Nordsec 2020, The 25th Nordic Conference on Secure IT Systems, November 23-24, Online, 2020.
[13]
S. Katsikeas et al., "An Attack Simulation Language for the IT Domain," in Graphical Models for Security : 7th International Workshop, GraMSec 2020, Boston, MA, USA, June 22, 2020, Revised Selected Papers, 2020, pp. 67-86.
[14]
R. Lagerström, W. Xiong and M. Ekstedt, "Threat modeling and attack simulations of smart cities : A literature review and explorative study," in ICISSP 2020 - Proceedings of the 6th International Conference on Information Systems Security and Privacy, 2020, pp. 369-376.
[15]
E. Ling, R. Lagerström and M. Ekstedt, "A Systematic Literature Review of Information Sources for Threat Modeling in the Power Systems Domain," in Critical Information Infrastructures Security, CRITIS. 15th International Conference, CRITIS 2020, Bristol, UK, September 2–3, 2020, Proceedings, 2020, pp. 47-58.
[16]
M. Almgren et al., "RICS-el : Building a national testbed for research and training on SCADA security (short paper)," in Lect. Notes Comput. Sci., 2019, pp. 219-225.
[17]
X. Mao et al., "Conceptual Abstraction of Attack Graphs : a Use Case of securiCAD," in Graphical Models for Security. GraMSec 2019., 2019, pp. 186-202.
[18]
S. Katsikeas et al., "Probabilistic Modeling and Simulation of Vehicular Cyber Attacks : An Application of the Meta Attack Language," in Proceedings of the 5th international conference on information systems security and privacy (ICISSP), 2019, pp. 175-182.
[19]
M. Ekstedt and I. Rychkova, "Message from the EDOC 2019 workshop and demo chairs," in Proceedings 23rd IEEE International Enterprise Distributed Object Computing Workshop, EDOCW 2019, 2019.
[20]
A. Iqbal, F. Mahmood and M. Ekstedt, "An experimental forensic testbed : Attack-based digital forensic analysis of WAMPAC applications," in IET Conference Publications, 2018.
[21]
S. Nurcan and P. Johnson, "Message from the EDOC 2018 program chairs," in Proceedings - 2018 IEEE 22nd International Enterprise Distributed Object Computing Conference, EDOC 2018, 2018.
[22]
A. Iqbal et al., "Identification of Attack-based Digital Forensic Evidences for WAMPAC Systems," in Proceedings - 2018 IEEE International Conference on Big Data, Big Data 2018, 2018, pp. 3078-3086.
[23]
A. Iqbal, F. Mahmood and M. Ekstedt, "An Experimental Forensic Test bed: Attack-based Digital Forensic Analysis of WAMPAC Applications," in The 11th Mediterranean Conference on Power Generation, Transmission, Distribution and Energy Conversion (MedPower 2018), 2018.
[24]
R. Terruggia, G. Dondossola and M. Ekstedt, "Cyber security analysis of Web-of-Cells energy architectures," in Proceedings of the 5th International Symposium for ICS & SCADA Cyber Security Research (ICS-CSR), 2018.
[25]
A. Iqbal, M. Ekstedt and H. Alobaidli, "Digital Forensic Readiness in Critical Infrastructures : A case of substation automation in the power sector," in Digital Forensics and Cyber Crime : 9th International Conference, ICDF2C 2017, Prague, Czech Republic, October 9-11, 2017, Proceedings, 2018, pp. 117-129.
[26]
P. Johnson, R. Lagerström and M. Ekstedt, "A Meta Language for Threat Modeling and Attack Simulations," in ACM International Conference Proceeding Series, 2018.

Open-access computer programs

Pontus Johnson, Mathias Ekstedt, and Robert Lagerström, ” The Meta Attack Language (MAL) .” Including MAL based languages such as coreLang, vehicleLang, cloudLang, enterpriseLang, powerLang.

Pontus Johnson, Robert Lagerström, and Mathias Ekstedt, “ A Meta Language for Threat Modeling and Attack Simulations ,” in Proc. of the International Conference on Availability, Reliability and Security (ARES 2018) and the joint International Workshop on Cyber Threat Intelligence (WCTI 2018), 2018.

Other programs and tools can be found on the KTH SSAS github page .

Master Theses

Hjert, Adrian and Salomonsson, Viktor, Braking Bad – Remote Attack Vector Analysis on the MG Marvel R, 2025
Bergström, Lukas and Linusson-Hahn, Lage, Exploiting Vulnerabilities to Remotely Hijack Children’s Smartwatches, 2024
Korduner Ekroth, Johan, A Penetration Testing Study on a Connected Vehicle Penetration testing of current smart thermostats, 2024
Sannervik, Filip, Beyond the Dashboard – Vulnerability analysis of the MG Marvel R IVI, 2024
Wadell Ledin, Erik, Security Evaluation of a High-assurance USB sanitation system, 2024
Wallin Forsell, Fredrik, Cyber Security Assessment of Distribution System Operators, 2024
Öberg, Joakim, How safe is safe – Ethical hacking of Verisure’s home alarm system, 2024
Shamaya, Nina and Tarcheh, Gergo, Strengthening Cyber Defense – Comparative Study of Smart-Home Pen-testing vs Cyber Ranges, 2024
Siklosi, Martin and Olsson Kihlborg, Robert, Security Analysis of Nedis SmartLife Video Doorbell, 2024
Lundén, Viktor, Automated Threat Modelling in an Existing Medical System, 2024
Mickols, Erik, Memory corruption in IoT – Extending PatrIoT to hunt bugs, 2024
Hussain, Adeel, Cybersecurity Analysis of Charge-Amps “Dawn” EV Chargebox Systems, 2024
Antal, Oliver, A cybersecurity audit of the Garmin Venu, 2023
Feller, Shanly, A study of Oracle Cloud Infrastructure (penetration attacks), 2023
Ethical hacking of a network security camera, 2023
Henning, Johan, Pentesting on a WiFi Adapter, 2023
Karlberg, Pontus, Is your camera spying on you? – A security evaluation of a smart camera, 2023
Liu, Shuyuan, Penetration testing of Sesame Smart door lock, 2023
Pétursson, Arnar, Ethical Hacking of a Ring Doorbell, 2023
Stenhav, Hîvron, Security evaluation of the Matrix Server-Server API, 2023
Tian, Yaqi, Are Children Safe with Smart Watches? – Security Analysis and Ethical Hacking, 2023
Vatn, Niklas, Underneath the Surface – Threat modelling & pen-testing of a submarine robot, 2023
Zhou, Ziyang, Evaluating Security Mechanisms of Substation Automation Systems
Hacking the airport X-ray machine, 2023