Through the description of attacks: A multidimensional view

Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

Volumn 4166 LNCS, Issue , 2006, Pages 15-28

  Nai Fovino, Igor ^a   Masera, Marcelo ^a  

^a JOINT RESEARCH CENTRE   (Italy)

Author keywords

Attack pattern; Security assessment

Indexed keywords

BOUNDARY CONDITIONS; COMPUTER CRIME; INFORMATION ANALYSIS; INTEGRATION; KNOWLEDGE BASED SYSTEMS; SECURITY OF DATA;

ATTACK PATTERN; BOUNDARY KNOWLEDGE; GENERIC REPRESENTATION; SECURITY ASSESSMENT;

CYBERNETICS;

EID: 33750999336     PISSN: 03029743     EISSN: 16113349     Source Type: Book Series    
DOI: None     Document Type: Conference Paper

References (19)

1. Aslam, T., Krsul, I. & Spafford, E.H.: Use of a taxonomy of security faults. In Proceedings of the Nineteenth NIST-NCSC National Information Systems Security Conference, (1996) pages 551560.
2. Kumar, S. : Classification and Detection of Computer Intrusions. PhD thesis, Department of Computer Science, Purdue University, West Lafayette, Indiana (1995).
3. Howard, J.: An Analysis of Security Incidents on the Internet, 19891995. PhD thesis, Department of Engineering and Public Policy, Carnegie Mellon University, Pittsburgh, Pennsylvania (1997).
4. S. Jajodia, S. Noel, B. O'Berry: Topological Analysis of Network Attack Vulnerability. In Managing Cyber Threats: Issues, Approaches and Challenges, V. Kumar, J. Srivastava, A. Lazarevic (eds.), Kluwer Academic Publisher (2004).
5. Jones, A., Ashenden, D.: Risk Management for Computer Security : Protecting Your Network & Information Assets. Elsevier (March 2005).
6. Code of Practice for Information Security Management. International Standard (ISO/IEC) 17799:2000.
7. Alberts, C., & Dorofee, A.: Managing Information Security Risks: The OCTAVE (SM) Approach., Addison Wesley Professional (July 2002)
8. Masera, M., Nai Fovino, I., & Sgnaolin, R.: A Framework for the Security Assessment of Remote Control Applications of Critical Infrastructure. ESReDA 29th Seminar, (2005) Ispra.
9. Masera, M., Nai Fovino, I.: Models for Security Assessment and Management. In Proceeding of the International Workshop on Complex Network and Infrastructure Protection 2006, (2006) Rome, Italy.
10. Alhazmi, O., Malaiya, Y., & Ray, L: Security Vulnerabilities in Software Systems: A Quantitative Perspective. Lecture Notes in Computer Science, Volume 3654/2005. (2005) Publisher: Springer-Verlag GmbH.
11. Bishop, M.: Computer Security Art and Science, (November 2004) Addison Wesley.
12. Bugtraq vulnerability database, http://securityfocus.com
13. Steffan, J., Schumacher, M.: Collaborative attack modeling. In proceeding of the Symposium on Applied Computing, Madrid, Spain (2002) pp. 253-259
14. Tidwell, T., Larson. R., Fitch, K. & Hale, J.: Modeling Internet Attacks. Proceeding of the 2001 IEEE Workshop on Information Assurance and Security. United States Military Academy, West Point, NY (2001).
15. McDermott, J.: Attack Penetration Testing. In Proceeding of the 2000 New Security Paradigm Workshop, ACM SigSAC, ACM Press, ((2000) pp. 15-22.
16. Helmer, G., Wong, J., Slagell, M., Honavar, V., Miller, L., and Lutz, R.: A Software Fault Tree Approach to Requirements Analysis of an Intrusion Detection System. In Proceedings of the first Symposium on Requirements Engineering for Information Security (2001).
17. Schneier, B.: Modeling Security Threats, Dr. Dobb's Journal. https://www.schneier.com/paper-attacktrees-ddj-ft.html (2001).
18. Daley, K., Larson, R., & Dawkins, J.: A Structural Framework for Modeling Multi-stage Network Attacks. Proceedings of the International Conference on Parallel Processing Workshops. ICPP Workshops (2002), pp. 5-10.
19. Masera, M. & Nai Fovino, I.: Modelling Information Assets for Security Risk Assessment in Industrial settings. 15th EICAR Annual Conference (2006).