TRESPASS: Plug-and-Play Attacker Profiles for Security Risk Analysis
Authors
Abstract
Existing methods for security risk analysis typically estimate time, cost, or likelihood of success of attack steps. When the threat environment changes, such values have to be updated as well. However, the estimated values reflect both system properties and attacker properties: the time required for an attack step depends on attacker skill as well as the strength of a particular system component. In the TRESPASS project, we propose the separation of attacker and system properties. By doing so, we enable “plug-and-play” attacker profiles: profiles of adversaries that are independent of system properties, and thus can be reused in the same or different organisation to compare risk in case of different attacker profiles. We demonstrate its application in the framework of attack trees, as well as our new concept of attack navigators.
Similar resources
Network risk management using attacker profiling
Risk management refers to the process of making decisions that minimize the effects of vulnerabilities on the network hosts. This can be a difficult task in the context of high exploit probability and the difficulty of identifying new exploits and vulnerabilities. For many years, security engineers have performed risk analysis using economic models for the design and operation of risk-prone, techno...
CrypTopology: Plug, Play and Recover Key Management
Research on establishing and maintaining secure communication has two distinct categories: using cryptography, with pre-shared or certified keys, and using known, redundant network topology. We present the CrypTopology model, combining cryptography with topology, with benefits over the pure-crypto and pure-topology approaches. The model also considers deployment challenges, by taking into acco...
Plug-and-Play IP Security - Anonymity Infrastructure instead of PKI
We present the Plug-and-Play IP Security (PnP-IPsec) protocol. PnP-IPsec automatically establishes IPsec security associations between gateways, avoiding the need for manual administration and coordination between gateways, and the dependency on IPsec public key certificates, the two problems which are widely believed to have limited the use of IPsec mostly to intra-organization communication. P...
Development and Implementation of a Trespass Location Severity Analysis on a Commuter Rail Right of Way
The United States Department of Transportation’s (USDOT) Research and Innovative Technology Administration’s John A. Volpe National Transportation Systems Center (Volpe Center), under the direction of the USDOT Federal Railroad Administration (FRA) Office of Research and Development (R&D), is conducting a Trespass Prevention Research Study (TPRS) in the city of West Palm Beach, Florida. The mai...
Presenting a Model for Using Mobile Agents in Distributed Intrusion Detection Systems Based on Game Theory
The proposed framework applies two game theoretic models for economic deployment of intrusion detection system (IDS). The first scheme models and analyzes the interaction behaviors between an attacker and intrusion detection agent within a non-cooperative game, and then the security risk value is derived from the mixed strategy Nash equilibrium. The second scheme uses the security risk value...
Journal title:
Volume, issue
Pages -
Publication date: 2014