Threat modeling revisited: Improving expressiveness of attack

Proceedings - EMS 2008, European Modelling Symposium, 2nd UKSim European Symposium on Computer Modelling and Simulation

Volumn , Issue , 2008, Pages 93-98

  Mirembe, Drake Patrick ^a   Muyeba, Maybin ^b  

^a MAKERERE UNIVERSITY   (Uganda)

^b LIVERPOOL HOPE UNIVERSITY   (United Kingdom)

Author keywords

Attack centric; Expressiveness; Petri nets; Semantics; Threat net; Threat centric

Indexed keywords

ANALYSIS THEORIES; ATTACK-CENTRIC; DEFENSE CAPABILITIES; EXPECTED VALUES; EXPRESSIVENESS; OPTIMAL SECURITIES; RANDOM EVENTS; SECURITY EXPERTS; THREAT MODELING; THREAT MODELS; THREAT NET; THREAT-CENTRIC;

CLUSTER ANALYSIS; COMPUTER SYSTEMS; GRAPH THEORY; INFORMATION THEORY; MAGNETIC PROPERTIES; MAGNETIC SUSCEPTIBILITY; MARINE BIOLOGY; PETRI NETS; RANDOM VARIABLES; SEMANTICS;

FISCHER-TROPSCH SYNTHESIS;

EID: 55849125795     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/EMS.2008.83     Document Type: Conference Paper

References (14)

1. D. Dolev and A. Yoa. On the security of public key protocols. In The Proceedings of IEEE 22nd annual Symposium on Foundations of Computer Science, 1981.
2. FaultTree Org. Fault tree analysis tool, Jan 2008.
3. H. Guo and W. Hsu. A survey on algorithms for real-time bayesian network inference. In In the joint AAAI-02/KDD-02/UAI-02 workshop on Real-Time Decision Support and Diagnosis Systems, Edmonton, Alberta, Canada, 2002.
4. J. McDermott. Attack net penetration testing. In Proceedings of the 2000 workshop on New Security Paradigms, pages 15-21, Ballycotton, County Cork, Ireland, 2001.
5. C. Pfleeger and S. Pfleeger. Security in Computing. 0-13-035548-8. Prentice Hall, third edition, 2003.
6. C. Phillips and P. Laura. A graph-based system for networkvulnerability analysis. In NSPW'98: Proceedings of the 1998 workshop on New security paradigms, pages 71-79, Charlottesville, Virginia, United States, 1998. ACM.
7. OWS Project. Threat risk modeling, October 2007.
8. J. Saunders. A dynamic risk model for information technologysecurity in a critical infrastructure environment, October 2007.
9. B. Schneier. Modeling security threats: Attack trees. Dr. Dobb's Journal, pages 1-9, December 1999.
10. B. Schneier. Secrets and Lies: Digital Security in a NetworkedWorld. Wiley, 2000.
11. H. Shwan, S. Lambart, T. Ostwald, and A. Shostack. Uncovering secuirty design flaws using the stride approach, October 2007.
12. M. Sjouke and O. Martijn. Foundations of attack trees. In D. Won and S. Kim, editors, 8th Annual International Conference on Information Security and Cryptology, ICISC'05, number 3935 in LNCS, pages 186-198. Springer, 2006.
13. J. Steffan and M. Schumacher. Collaborative attack modeling. In SAC'02: Proceedings of the 2002 ACM symposium on Applied computing, pages 253-259, Madrid, Spain, 2002. ACM.
14. H. Tilborg. Fundamentals of cryptology, A Professional reference and interactive tutorial. 0-7923-8675-2. Kluwer academic publishers, third edition, 2003.