Toward a secure system engineering methodolgy
Proceedings of the 1998 workshop on New security paradigms
Attack net penetration testing
Proceedings of the 2000 workshop on New security paradigms
I know my network: collaboration and expertise in intrusion detection
CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
Toward an Automated Attack Model for Red Teams
IEEE Security and Privacy
Matching attack patterns to security vulnerabilities in software-intensive system designs
SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Toward a threat model for storage systems
Proceedings of the 2005 ACM workshop on Storage security and survivability
On the design of more secure software-intensive systems by use of attack patterns
Information and Software Technology
Simulation framework for cyber terrors and defense
ICCOM'05 Proceedings of the 9th WSEAS International Conference on Communications
International Journal of Security and Networks
Colored petri net based attack modeling
RSFDGrC'03 Proceedings of the 9th international conference on Rough sets, fuzzy sets, data mining, and granular computing
Using attack and protection trees to analyze threats and defenses to homeland security
MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Modeling security attacks with statecharts
Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
Through the description of attacks: a multidimensional view
SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Quantifying the security of composed systems
PPAM'05 Proceedings of the 6th international conference on Parallel Processing and Applied Mathematics
A scalable, ordered scenario-based network security simulator
AsiaSim'04 Proceedings of the Third Asian simulation conference on Systems Modeling and Simulation: theory and applications
MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Attack modeling of SIP-Oriented SPIT
CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology
Hi-index | 0.00 |
Avoidance and discovery of security vulnerabilities in information systems requires awareness of typical risks and a good understanding of vulnerabilities and their exploitations. In this paper we compare common methods of sharing security related knowledge with regard to their ability to support avoidance and discovery of vulnerabilities. We suggest a new method of collaborative attack modeling that is especially suitable for this purpose. This method combines a graph-based attack modeling technique with ideas of a Web-based collaboration tool.