Through the description of attacks: a multidimensional view

Authors:
Igor Nai Fovino;Marcelo Masera
Affiliations:
Institute for the Protection and the Security of the Citizen, Joint Research Centre, Ispra -Va, Italy;Institute for the Protection and the Security of the Citizen, Joint Research Centre, Ispra -Va, Italy
Venue:
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Year:
2006

Citing 8
Cited 2

Classification and detection of computer intrusions

Classification and detection of computer intrusions
An analysis of security incidents on the Internet 1989-1995

An analysis of security incidents on the Internet 1989-1995
Attack net penetration testing

Proceedings of the 2000 workshop on New security paradigms
Collaborative attack modeling

Proceedings of the 2002 ACM symposium on Applied computing
Managing Information Security Risks: The Octave Approach

Managing Information Security Risks: The Octave Approach
A Structural Framework for Modeling Multi-Stage Network Attacks

ICPPW '02 Proceedings of the 2002 International Conference on Parallel Processing Workshops
Risk Management for Computer Security: Protecting Your Network & Information Assets

Risk Management for Computer Security: Protecting Your Network & Information Assets
Security vulnerabilities in software systems: a quantitative perspective

DBSec'05 Proceedings of the 19th annual IFIP WG 11.3 working conference on Data and Applications Security

Modeling and analysis of procedural security in (e)voting: the Trentino's approach and experiences

EVT'08 Proceedings of the conference on Electronic voting technology
Assessing procedural risks and threats in e-voting: challenges and an approach

VOTE-ID'07 Proceedings of the 1st international conference on E-voting and identity

Quantified Score

Hi-index	0.00

Visualization

Abstract

Cyber attacks are the core of any security assessment of ICT-based systems. One of the more promising research fields in this context is related to the representation of the attack patterns. Several are the models proposed to represent them; these models usually provide a generic representation of attacks. Conversely, the experience shows that attack profiles are strongly dependent upon several “boundary conditions”. This paper defends that from the security assessment perspective, it is necessary to integrate the knowledge contained in the attack patterns with “boundary” knowledge related to vulnerability of the target system and to the potential threats. In this paper, after a characterization of this “boundary knowledge”, we propose an n-dimensional view of the attack tree approach, integrating information on threats and vulnerabilities. Moreover, we show how to use this view to derive knowledge about the security exposure of a target system.