Collaborative attack modeling

Authors:
Jan Steffan;Markus Schumacher
Affiliations:
Darmstadt University of Technology;Darmstadt University of Technology
Venue:
Proceedings of the 2002 ACM symposium on Applied computing
Year:
2002

Citing 2
Cited 16

Toward a secure system engineering methodolgy

Proceedings of the 1998 workshop on New security paradigms
Attack net penetration testing

Proceedings of the 2000 workshop on New security paradigms

I know my network: collaboration and expertise in intrusion detection

CSCW '04 Proceedings of the 2004 ACM conference on Computer supported cooperative work
Toward an Automated Attack Model for Red Teams

IEEE Security and Privacy
Matching attack patterns to security vulnerabilities in software-intensive system designs

SESS '05 Proceedings of the 2005 workshop on Software engineering for secure systems—building trustworthy applications
Toward a threat model for storage systems

Proceedings of the 2005 ACM workshop on Storage security and survivability
On the design of more secure software-intensive systems by use of attack patterns

Information and Software Technology
Simulation framework for cyber terrors and defense

ICCOM'05 Proceedings of the 9th WSEAS International Conference on Communications
Analysing security risks in computer and Radio Frequency Identification (RFID) networks using attack and protection trees

International Journal of Security and Networks
Colored petri net based attack modeling

RSFDGrC'03 Proceedings of the 9th international conference on Rough sets, fuzzy sets, data mining, and granular computing
Using attack and protection trees to analyze threats and defenses to homeland security

MILCOM'06 Proceedings of the 2006 IEEE conference on Military communications
Modeling security attacks with statecharts

Proceedings of the joint ACM SIGSOFT conference -- QoSA and ACM SIGSOFT symposium -- ISARCS on Quality of software architectures -- QoSA and architecting critical systems -- ISARCS
Through the description of attacks: a multidimensional view

SAFECOMP'06 Proceedings of the 25th international conference on Computer Safety, Reliability, and Security
Quantifying the security of composed systems

PPAM'05 Proceedings of the 6th international conference on Parallel Processing and Applied Mathematics
A scalable, ordered scenario-based network security simulator

AsiaSim'04 Proceedings of the Third Asian simulation conference on Systems Modeling and Simulation: theory and applications
Analyzing vulnerabilities and measuring security level at design and exploitation stages of computer network life cycle

MMM-ACNS'05 Proceedings of the Third international conference on Mathematical Methods, Models, and Architectures for Computer Network Security
Attack modeling of SIP-Oriented SPIT

CRITIS'07 Proceedings of the Second international conference on Critical Information Infrastructures Security
Foundations of attack trees

ICISC'05 Proceedings of the 8th international conference on Information Security and Cryptology

Quantified Score

Hi-index	0.00

Visualization

Abstract

Avoidance and discovery of security vulnerabilities in information systems requires awareness of typical risks and a good understanding of vulnerabilities and their exploitations. In this paper we compare common methods of sharing security related knowledge with regard to their ability to support avoidance and discovery of vulnerabilities. We suggest a new method of collaborative attack modeling that is especially suitable for this purpose. This method combines a graph-based attack modeling technique with ideas of a Web-based collaboration tool.