System level security modeling using attack trees

2009 2nd International Conference on Computer, Control and Communication, IC4 2009

Volumn , Issue , 2009, Pages

  Khand, Parvaiz Ahmed ^a,b  

^a Korea Advanced Institute of Science and Technology (KAIST)   (South Korea)

^b PAKISTAN INSTITUTE OF NUCLEAR SCIENCE AND TECHNOLOGY   (Pakistan)

Author keywords

Attack tree; Attack tree nodes; Security modelings

Indexed keywords

ATTACK TREE; ATTACK TREE NODES; DYNAMIC ASPECTS; ERROR RECOVERY MECHANISMS; GRAPHICAL REPRESENTATIONS; INTRUSION TOLERANT SYSTEM; OPERATION MODE; ORDERING EVENTS; RELATED SYSTEMS; SECURITY MODEL; SECURITY MODELING; SECURITY MODELINGS; SYSTEM LEVELS;

GRAPHIC METHODS;

EID: 70349170749     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/IC4.2009.4909245     Document Type: Conference Paper

References (19)

1. D. P. Mirembe and M. Muyeba,"Threat modeling revisited: Improving expressiveness of attack", In Proc. of 2nd UKSIM European Symp. on computer Modeling and Simulation (EMS), England, pp. 93-98, 2008.
2. B. Schneier, "Attack Trees", Dr. Dobb's Journal, vol.24, no.12, pp.21-29, 1999.
3. D. M. Nicol, W. H. Sanders, and K. S. Trivedi, "Model-based evaluation: From dependability to security," IEEE Trans. on Dependable and Secure Computing, vol.1, no.1, pp. 48-65, 2004.
4. Y. Deswarte, L. Blain, and J. C. Fabre, "Intrusion tolerance in distributed computing systems," In Proc. of Symp. on Research in Security and Privacy, IEEE, pp.110-121, 1991. (Pubitemid 21717663)
5. A. Saidane, V. Nicomette, and Y. Deswarte, "The design of a generic Intrusion-Tolerant architecture for Web Servers", IEEE Trans. on dependable and secure computing, vol.5, no.2, 2008.
6. B. Schneier, "Secrets and Lies: Digital Security in a Networked World", 2000, John Wiley & Sons.
7. S. Mauw and M. Oostdijk, "Foundations of attack trees", Int. Conf. on Information Security and Cryptology - ICISC 2005, and LNCS 3935, 2005.
8. T. Tidwell, R. Larson, K. Fitch, and J. Hale, "Modeling Internet attacks", in Proc. of the IEEE Workshop on Information Assurance and Security, USA, 2001.
9. A. P. Moore, R. J. Ellison, and R. C. Linger, "Attack modeling for information security and survivability," Software Engineering Institute, Carnegie Mellon University, Technical note: CMU/SEI-2001-TN-001, 2001.
10. R. R. Yager, and Ht, "OWA trees and their role in security modeling using attack trees," Information Sciences, vol.176, no.20, pp. 2933-2959, 2006.
11. M. V. Higuero, J. J. Unzilla, E. Jacob, P. Sáiz, and D. Luengo, " Application of 'Attack Trees' Technique to Copyright Protection Protocols Using Watermarking and Definition of a New Transactions Protocol SecDP (Secure Distribution Protocol)", Lecture Notes in Computer Science (LNCS) 3311, pp. 264-275, 2004.
12. E. J. Byres, M. Franz and D. Miller, "The use of attack trees in assessing vulnerabilities in SCADA systems" in Int. Infrastructure Survivability Workshop (IISW'04), Lisbon, Portugal, 2004.
13. C. Fung, Y. L. Chen, X. Wang, J. Lee, R. Tarquini, M. Anderson and R. Linger, "Survivability analysis of distributed systems using attack tree methodology", IEEE Military Communications Conf., (MILCOM 2005), USA, Vol.1, pp. 583- 589, 2005.
14. K. Edge, R. Raines, R. Bennington and C. Reuter, "The use of attack and protection trees to analyze security for an online banking system", In Proc. of the 40th Hawaii Int. Conf. on System Sciences, 2007.
15. C. W. Ten, C. C. Liu, and M. Govindarasu, "Vulnerability assessment of cyber security for SCADA systems using attack trees," In Proc. of IEEE Power Engineering Society General Meeting, pp.1-8, 2007.
16. K. S. Edge, G. C. Dalton, R. A. Raines, R. F. Mills, "Using attack and protection trees to analyze threats and defenses to Homeland security," In Proc. of Military Communications Conf. (MILCOM 2006), pp.1-7, 2006.
17. P. A. Khand and P. H. Seong, "Towards the development of a methodology for the cyber security analysis of safety related nuclear digital I&C systems", in Trans. of the Korean Nuclear Society (KNS) spring meeting, Republic of Korea, May 2007.
18. P. A. Khand and P. H. Seong, "An attack model development process for the cyber security of safety related nuclear digital I&C systems", in Trans. of the Korean Nuclear Society (KNS) fall meeting, Republic of Korea, Oct. 2007.
19. J. B. Dugan, S. J. Bavuso, M. A Boyd, "Dynamic fault-tree models for fault-tolerant computer systems," IEEE Trans. on Reliability, vol.41, no.3, pp. 363-377, 1992 (Pubitemid 23555745)