Design patterns: elements of reusable object-oriented software
Design patterns: elements of reusable object-oriented software
Understanding and using patterns in software development
Theory and Practice of Object Systems - Special issue on patterns
Pattern-oriented software architecture: a system of patterns
Pattern-oriented software architecture: a system of patterns
Internet security attacks at the basic levels
ACM SIGOPS Operating Systems Review
Software Architecture in Practice
Software Architecture in Practice
How to Systematically Classify Computer Security Intrusions
SP '97 Proceedings of the 1997 IEEE Symposium on Security and Privacy
Threat Modeling
Exploiting Software: How to Break Code
Exploiting Software: How to Break Code
A taxonomy of DDoS attack and DDoS defense mechanisms
ACM SIGCOMM Computer Communication Review
A survey of peer-to-peer content distribution technologies
ACM Computing Surveys (CSUR)
The Essence of P2P: A Reference Architecture for Overlay Networks
P2P '05 Proceedings of the Fifth IEEE International Conference on Peer-to-Peer Computing
Software Vulnerability Analysis for Web Services Software Systems
ISCC '06 Proceedings of the 11th IEEE Symposium on Computers and Communications
Clusters and security: distributed security for distributed systems
CCGRID '05 Proceedings of the Fifth IEEE International Symposium on Cluster Computing and the Grid - Volume 01
Secure Software Design in Practice
ARES '08 Proceedings of the 2008 Third International Conference on Availability, Reliability and Security
Security Engineering: A Guide to Building Dependable Distributed Systems
Security Engineering: A Guide to Building Dependable Distributed Systems
Software Architecture: Foundations, Theory, and Practice
Software Architecture: Foundations, Theory, and Practice
Distributed Systems Security: Issues, Processes and Solutions
Distributed Systems Security: Issues, Processes and Solutions
Network Intrusion Detection and Prevention: Concepts and Techniques
Network Intrusion Detection and Prevention: Concepts and Techniques
Security for Web Services and Service-Oriented Architectures
Security for Web Services and Service-Oriented Architectures
P2P attack taxonomy and relationship analysis
ICACT'09 Proceedings of the 11th international conference on Advanced Communication Technology - Volume 2
Designing Secure SCADA Systems Using Security Patterns
HICSS '10 Proceedings of the 2010 43rd Hawaii International Conference on System Sciences
Proceedings of the 15th Conference on Pattern Languages of Programs
A survey of peer-to-peer security issues
ISSS'02 Proceedings of the 2002 Mext-NSF-JSPS international conference on Software security: theories and systems
Attack Surfaces: A Taxonomy for Attacks on Cloud Services
CLOUD '10 Proceedings of the 2010 IEEE 3rd International Conference on Cloud Computing
A survey of DHT security techniques
ACM Computing Surveys (CSUR)
Developer-Driven Threat Modeling: Lessons Learned in the Trenches
IEEE Security and Privacy
A Taxonomy of Cyber Attacks on SCADA Systems
ITHINGSCPSCOM '11 Proceedings of the 2011 International Conference on Internet of Things and 4th International Conference on Cyber, Physical and Social Computing
Security in p2p networks: survey and research directions
EUC'06 Proceedings of the 2006 international conference on Emerging Directions in Embedded and Ubiquitous Computing
A taxonomy of rational attacks
IPTPS'05 Proceedings of the 4th international conference on Peer-to-Peer Systems
Taxonomies of attacks and vulnerabilities in computer systems
IEEE Communications Surveys & Tutorials
Internet infrastructure security: a taxonomy
IEEE Network: The Magazine of Global Internetworking
ASWEC '13 Proceedings of the 2013 22nd Australian Conference on Software Engineering
Hi-index | 0.00 |
Security is one of the most essential quality attributes of distributed systems, which often operate over untrusted networks such as the Internet. To incorporate security features during the development of a distributed system requires a sound analysis of potential attacks or threats in various contexts, a process that is often termed ''threat modeling''. To reduce the level of security expertise required, threat modeling can be supported by threat libraries (structured or unstructured lists of threats), which have been found particularly effective in industry scenarios; or attack taxonomies, which offer a classification scheme to help developers find relevant attacks more easily. In this paper we combine the values of threat libraries and taxonomies, and propose an extensible, two-level ''pattern-based taxonomy'' for (general) distributed systems. The taxonomy is based on the novel concept of a threat pattern, which can be customized and instantiated in different architectural contexts to define specific threats to a system. This allows developers to quickly consider a range of relevant threats in various architectural contexts as befits a threat library, increasing the efficacy of, and reducing the expertise required for, threat modeling. The taxonomy aims to classify a wide variety of more abstract, system- and technology-independent threats, which keeps the number of threats requiring consideration manageable, increases the taxonomy's applicability, and makes it both more practical and more useful for security novices and experts alike. After describing the taxonomy which applies to distributed systems generally, we propose a simple and effective method to construct pattern-based threat taxonomies for more specific system types and/or technology contexts by specializing one or more threat patterns. This allows for the creation of a single application-specific taxonomy. We demonstrate our approach to specialization by constructing a threat taxonomy for peer-to-peer systems.