Model the System from Adversary Viewpoint: Threats Identification and Modeling
Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), a...
| Main Authors: | , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Open Publishing Association
2014-10-01
|
| Series: | Electronic Proceedings in Theoretical Computer Science |
| Online Access: | http://arxiv.org/pdf/1410.4305v1 |
| id |
doaj-b3ab2b3219bc43d6a57d29d528c1f0c0 |
|---|---|
| record_format |
Article |
| spelling |
doaj-b3ab2b3219bc43d6a57d29d528c1f0c02020-11-24T23:18:29ZengOpen Publishing AssociationElectronic Proceedings in Theoretical Computer Science2075-21802014-10-01165Proc. AIDP 2014455810.4204/EPTCS.165.4:4Model the System from Adversary Viewpoint: Threats Identification and ModelingMuhammad Sabir Idrees0Yves Roudier1Ludovic Apvrille2 Institut Mines-Télécom, Télécom Bretagne, France Institut EURECOM, France Institut Mines-Télécom, Télécom ParisTech, France Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), and How (attack method), adversary achieved his attack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework, developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta-model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework.http://arxiv.org/pdf/1410.4305v1 |
| collection |
DOAJ |
| language |
English |
| format |
Article |
| sources |
DOAJ |
| author |
Muhammad Sabir Idrees Yves Roudier Ludovic Apvrille |
| spellingShingle |
Muhammad Sabir Idrees Yves Roudier Ludovic Apvrille Model the System from Adversary Viewpoint: Threats Identification and Modeling Electronic Proceedings in Theoretical Computer Science |
| author_facet |
Muhammad Sabir Idrees Yves Roudier Ludovic Apvrille |
| author_sort |
Muhammad Sabir Idrees |
| title |
Model the System from Adversary Viewpoint: Threats Identification and Modeling |
| title_short |
Model the System from Adversary Viewpoint: Threats Identification and Modeling |
| title_full |
Model the System from Adversary Viewpoint: Threats Identification and Modeling |
| title_fullStr |
Model the System from Adversary Viewpoint: Threats Identification and Modeling |
| title_full_unstemmed |
Model the System from Adversary Viewpoint: Threats Identification and Modeling |
| title_sort |
model the system from adversary viewpoint: threats identification and modeling |
| publisher |
Open Publishing Association |
| series |
Electronic Proceedings in Theoretical Computer Science |
| issn |
2075-2180 |
| publishDate |
2014-10-01 |
| description |
Security attacks are hard to understand, often expressed with unfriendly and limited details, making it difficult for security experts and for security analysts to create intelligible security specifications. For instance, to explain Why (attack objective), What (i.e., system assets, goals, etc.), and How (attack method), adversary achieved his attack goals. We introduce in this paper a security attack meta-model for our SysML-Sec framework, developed to improve the threat identification and modeling through the explicit representation of security concerns with knowledge representation techniques. Our proposed meta-model enables the specification of these concerns through ontological concepts which define the semantics of the security artifacts and introduced using SysML-Sec diagrams. This meta-model also enables representing the relationships that tie several such concepts together. This representation is then used for reasoning about the knowledge introduced by system designers as well as security experts through the graphical environment of the SysML-Sec framework. |
| url |
http://arxiv.org/pdf/1410.4305v1 |
| work_keys_str_mv |
AT muhammadsabiridrees modelthesystemfromadversaryviewpointthreatsidentificationandmodeling AT yvesroudier modelthesystemfromadversaryviewpointthreatsidentificationandmodeling AT ludovicapvrille modelthesystemfromadversaryviewpointthreatsidentificationandmodeling |
| _version_ |
1725581370703478784 |