{"id":"https://openalex.org/W4310044468","doi":"https://doi.org/10.3233/jcs-210075","title":"A mutation-based approach for the formal and automated analysis of security ceremonies","display_name":"A mutation-based approach for the formal and automated analysis of security ceremonies","publication_year":2022,"publication_date":"2022-11-23","ids":{"openalex":"https://openalex.org/W4310044468","doi":"https://doi.org/10.3233/jcs-210075"},"language":"en","primary_location":{"id":"doi:10.3233/jcs-210075","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-210075","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5027086484","display_name":"Diego Sempreboni","orcid":null},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":false,"raw_author_name":"Diego Sempreboni","raw_affiliation_strings":["Department of Informatics, King\u2019s College London, London, UK"],"affiliations":[{"raw_affiliation_string":"Department of Informatics, King\u2019s College London, London, UK","institution_ids":["https://openalex.org/I183935753"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5101515402","display_name":"Luca Vigan\u00f2","orcid":"https://orcid.org/0000-0001-9916-271X"},"institutions":[{"id":"https://openalex.org/I183935753","display_name":"King's College London","ror":"https://ror.org/0220mzb33","country_code":"GB","type":"education","lineage":["https://openalex.org/I124357947","https://openalex.org/I183935753"]}],"countries":["GB"],"is_corresponding":true,"raw_author_name":"Luca Vigan\u00f2","raw_affiliation_strings":["Department of Informatics, King\u2019s College London, London, UK"],"affiliations":[{"raw_affiliation_string":"Department of Informatics, King\u2019s College London, London, UK","institution_ids":["https://openalex.org/I183935753"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5101515402"],"corresponding_institution_ids":["https://openalex.org/I183935753"],"apc_list":null,"apc_paid":null,"fwci":1.515,"has_fulltext":false,"cited_by_count":6,"citation_normalized_percentile":{"value":0.86756245,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":95,"max":99},"biblio":{"volume":"31","issue":"4","first_page":"293","last_page":"364"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9993000030517578,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11504","display_name":"Advanced Authentication Protocols Security","score":0.9991000294685364,"subfield":{"id":"https://openalex.org/subfields/1705","display_name":"Computer Networks and Communications"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9890999794006348,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/ceremony","display_name":"Ceremony","score":0.936150074005127},{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.8126387596130371},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.5329469442367554},{"id":"https://openalex.org/keywords/payment","display_name":"Payment","score":0.47661009430885315},{"id":"https://openalex.org/keywords/human\u2013computer-interaction","display_name":"Human\u2013computer interaction","score":0.4309767186641693},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.24508610367774963}],"concepts":[{"id":"https://openalex.org/C2775843773","wikidata":"https://www.wikidata.org/wiki/Q2627975","display_name":"Ceremony","level":2,"score":0.936150074005127},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.8126387596130371},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.5329469442367554},{"id":"https://openalex.org/C145097563","wikidata":"https://www.wikidata.org/wiki/Q1148747","display_name":"Payment","level":2,"score":0.47661009430885315},{"id":"https://openalex.org/C107457646","wikidata":"https://www.wikidata.org/wiki/Q207434","display_name":"Human\u2013computer interaction","level":1,"score":0.4309767186641693},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.24508610367774963},{"id":"https://openalex.org/C138885662","wikidata":"https://www.wikidata.org/wiki/Q5891","display_name":"Philosophy","level":0,"score":0.0},{"id":"https://openalex.org/C27206212","wikidata":"https://www.wikidata.org/wiki/Q34178","display_name":"Theology","level":1,"score":0.0}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.3233/jcs-210075","is_oa":false,"landing_page_url":"https://doi.org/10.3233/jcs-210075","pdf_url":null,"source":{"id":"https://openalex.org/S106992369","display_name":"Journal of Computer Security","issn_l":"0926-227X","issn":["0926-227X","1875-8924"],"is_oa":false,"is_in_doaj":false,"is_core":true,"host_organization":"https://openalex.org/P4310318577","host_organization_name":"IOS Press","host_organization_lineage":["https://openalex.org/P4310318577"],"host_organization_lineage_names":["IOS Press"],"type":"journal"},"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Journal of Computer Security","raw_type":"journal-article"}],"best_oa_location":null,"sustainable_development_goals":[{"id":"https://metadata.un.org/sdg/9","score":0.5400000214576721,"display_name":"Industry, innovation and infrastructure"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":49,"referenced_works":["https://openalex.org/W43617550","https://openalex.org/W44769187","https://openalex.org/W50729311","https://openalex.org/W146244851","https://openalex.org/W798152072","https://openalex.org/W1495408127","https://openalex.org/W1536580911","https://openalex.org/W1541087836","https://openalex.org/W1543661381","https://openalex.org/W1598111807","https://openalex.org/W1607827729","https://openalex.org/W1782799247","https://openalex.org/W1832469506","https://openalex.org/W1871241722","https://openalex.org/W1930546125","https://openalex.org/W1973054120","https://openalex.org/W1989002073","https://openalex.org/W2002789557","https://openalex.org/W2029693536","https://openalex.org/W2066158003","https://openalex.org/W2081830543","https://openalex.org/W2085675184","https://openalex.org/W2104655005","https://openalex.org/W2111336263","https://openalex.org/W2114189125","https://openalex.org/W2119232573","https://openalex.org/W2121845793","https://openalex.org/W2133126578","https://openalex.org/W2135841285","https://openalex.org/W2296575472","https://openalex.org/W2395822484","https://openalex.org/W2401210256","https://openalex.org/W2402680660","https://openalex.org/W2507474852","https://openalex.org/W2534475152","https://openalex.org/W2587679938","https://openalex.org/W2734888738","https://openalex.org/W2891988338","https://openalex.org/W2956452656","https://openalex.org/W2968991706","https://openalex.org/W2995364870","https://openalex.org/W3092038609","https://openalex.org/W3094828954","https://openalex.org/W3097629519","https://openalex.org/W3193786204","https://openalex.org/W4226255860","https://openalex.org/W4285125406","https://openalex.org/W4288758382","https://openalex.org/W4297578461"],"related_works":["https://openalex.org/W2748952813","https://openalex.org/W2389808063","https://openalex.org/W2557881023","https://openalex.org/W2186723109","https://openalex.org/W2367215255","https://openalex.org/W4256107319","https://openalex.org/W2383931069","https://openalex.org/W3126916001","https://openalex.org/W2361547751","https://openalex.org/W2384582612"],"abstract_inverted_index":{"There":[0],"is":[1,175],"an":[2],"increasing":[3],"number":[4,215],"of":[5,36,64,102,112,116,138,182,185,195,201,216,220,238,249],"cyber-systems":[6],"(e.g.,":[7],"systems":[8],"for":[9,30,135,190],"payment,":[10],"transportation,":[11],"voting,":[12],"critical":[13],"infrastructures)":[14],"whose":[15],"security":[16,37,40,44,74,196],"depends":[17],"intrinsically":[18],"on":[19,180],"human":[20,48,83,104],"users.":[21],"In":[22],"this":[23],"paper,":[24],"we":[25,168,203],"introduce":[26],"a":[27,43,72,103,176,199,214],"novel":[28],"approach":[29,94,207],"the":[31,80,91,110,113,117,121,130,136,139,150,154,171,186,191,239,250],"formal":[32],"and":[33,62,70,124,143],"automated":[34],"analysis":[35,75,137],"ceremonies.":[38],"A":[39],"ceremony":[41,118,141,155,241,251],"expands":[42],"protocol":[45],"to":[46,119,208,259],"include":[47,149],"nodes":[49],"alongside":[50],"computer":[51],"nodes,":[52],"with":[53],"communication":[54,61],"links":[55],"that":[56,67,82,98,178],"comprise":[57],"user":[58],"interfaces,":[59],"human-to-human":[60],"transfers":[63],"physical":[65],"objects":[66],"carry":[68],"data,":[69],"thus":[71],"ceremony\u2019s":[73],"should":[76],"include,":[77],"in":[78,90,109,152],"particular,":[79],"mistakes":[81],"users":[84],"might":[85],"make":[86],"when":[87],"participating":[88],"actively":[89],"ceremony.":[92,132],"Our":[93],"defines":[95],"mutation":[96],"rules":[97],"model":[99],"possible":[100,145],"behaviors":[101],"user,":[105],"automatically":[106,125],"generates":[107],"mutations":[108,128],"behavior":[111],"other":[114],"agents":[115],"match":[120],"human-induced":[122],"mutations,":[123,146],"propagates":[126],"these":[127,221],"through":[129],"whole":[131],"This":[133],"allows":[134],"original":[140],"specification":[142],"its":[144],"which":[147,153,174],"may":[148],"way":[151],"has":[156],"actually":[157],"been":[158,232],"implemented":[159],"or":[160,243],"could":[161],"be":[162],"implemented.":[163],"To":[164],"automate":[165],"our":[166,206],"approach,":[167],"have":[169,204],"developed":[170],"tool":[172],"X-Men,":[173],"prototype":[177],"builds":[179],"top":[181],"Tamarin,":[183],"one":[184],"most":[187],"common":[188],"tools":[189],"automatic":[192],"unbounded":[193],"verification":[194],"protocols.":[197],"As":[198],"proof":[200],"concept,":[202],"applied":[205],"three":[209],"real-life":[210],"case":[211],"studies,":[212],"uncovering":[213],"concrete":[217],"vulnerabilities.":[218],"Some":[219],"vulnerabilities":[222],"were":[223],"so":[224,230],"far":[225,231],"unknown,":[226],"whereas":[227],"others":[228],"had":[229],"discovered":[233],"only":[234],"by":[235,244,252],"empirical":[236],"observation":[237],"actual":[240],"execution":[242],"directly":[245],"formalizing":[246],"alternative":[247],"models":[248],"hand,":[253],"but":[254],"X-Men":[255],"instead":[256],"allowed":[257],"us":[258],"find":[260],"them":[261],"automatically.":[262]},"counts_by_year":[{"year":2026,"cited_by_count":1},{"year":2025,"cited_by_count":2},{"year":2024,"cited_by_count":3}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}