Layered security architecture for threat management using multi-agent system
ACM SIGSOFT Software Engineering Notes
Mitigating multi-threats optimally in proactive threat management
ACM SIGSOFT Software Engineering Notes
Comparing attack trees and misuse cases in an industrial setting
Information and Software Technology
Hi-index | 0.00 |
There were times when software systems and networks posed no or very little security problems. However, with expanding connectivity during last few years problem of security has been making headlines. This is due to increase in threat environment and breach of security vital to the interest of end users. Keeping in view the security requirements in the present system all the attack points which can be threatened have to be identified, analyzed and remedial measures taken at the initial stage of software development process. The use of multiple techniques is the subject of research for deriving security requirements. In this paper, we are overlapping misuse case and attack trees techniques to propose a new technique named “Hybrid Technique”. This Hybrid Technique merges the strengths of misuse cases and attack trees making the system stronger to mitigate weaknesses effectively in large and complex systems. In our approach we firstly identify threats using the concepts of threat modeling, and then map these threats into security requirements using Hybrid Technique. In the case study, we have used this technique for specifying security requirements for wireless hotspots.