Transforming graphical system models to graphical attack models

Marieta Georgieva Ivanova; Christian W. Probst; René Rydhof Hansen; Florian Kammüller

doi:10.1007/978-3-319-29968-6_6

Transforming graphical system models to graphical attack models

Marieta Georgieva Ivanova, Christian W. Probst^*, René Rydhof Hansen, Florian Kammüller

^*Kontaktforfatter

Institut for Datalogi

Publikation: Bidrag til bog/antologi/rapport/konference proceeding › Konferenceartikel i proceeding › Forskning › peer review

23 Citationer (Scopus)

Abstract

Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

Originalsprog	Engelsk
Titel	Graphical Models for Security : GraMSec 2015
Antal sider	15
Forlag	Springer
Publikationsdato	2016
Sider	82-96
ISBN (Trykt)	978-3-319-29967-9
ISBN (Elektronisk)	978-3-319-29968-6
DOI	https://doi.org/10.1007/978-3-319-29968-6_6
Status	Udgivet - 2016
Begivenhed	The Second International Workshop on Graphical Models for Security - Verona, Italien Varighed: 13 jul. 2015 → …

Konference

Konference	The Second International Workshop on Graphical Models for Security
Land/Område	Italien
By	Verona
Periode	13/07/2015 → …

Navn	Lecture Notes in Computer Science
Vol/bind	9390
ISSN	0302-9743

Adgang til dokumentet

10.1007/978-3-319-29968-6_6

AUB Link

Søg efter materialet i Aalborg Universitetsbiblioteks søgemaskine

Andre filer og links

http://www.scopus.com/inward/record.url?scp=85007591749&partnerID=8YFLogxK

Citationsformater

@inproceedings{9af28ae78367462f87062cdec5c36524,

title = "Transforming graphical system models to graphical attack models",

abstract = "Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.",

author = "Ivanova, {Marieta Georgieva} and Probst, {Christian W.} and Hansen, {Ren{\'e} Rydhof} and Florian Kamm{\"u}ller",

year = "2016",

doi = "10.1007/978-3-319-29968-6_6",

language = "English",

isbn = "978-3-319-29967-9",

series = "Lecture Notes in Computer Science",

publisher = "Springer",

pages = "82--96",

booktitle = "Graphical Models for Security",

address = "Germany",

note = "The Second International Workshop on Graphical Models for Security, GraMSec 2015 ; Conference date: 13-07-2015",

}

Ivanova, MG, Probst, CW, Hansen, RR & Kammüller, F 2016, Transforming graphical system models to graphical attack models. i Graphical Models for Security: GraMSec 2015. Springer, Lecture Notes in Computer Science, bind 9390, s. 82-96, The Second International Workshop on Graphical Models for Security, Verona, Italien, 13/07/2015. https://doi.org/10.1007/978-3-319-29968-6_6

Transforming graphical system models to graphical attack models. / Ivanova, Marieta Georgieva; Probst, Christian W.; Hansen, René Rydhof et al.
Graphical Models for Security: GraMSec 2015. Springer, 2016. s. 82-96 (Lecture Notes in Computer Science, Bind 9390).

Publikation: Bidrag til bog/antologi/rapport/konference proceeding › Konferenceartikel i proceeding › Forskning › peer review

TY - GEN

T1 - Transforming graphical system models to graphical attack models

AU - Ivanova, Marieta Georgieva

AU - Probst, Christian W.

AU - Hansen, René Rydhof

AU - Kammüller, Florian

PY - 2016

Y1 - 2016

N2 - Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

AB - Manually identifying possible attacks on an organisation is a complex undertaking; many different factors must be considered, and the resulting attack scenarios can be complex and hard to maintain as the organisation changes. System models provide a systematic representation of organisations that helps in structuring attack identification and can integrate physical, virtual, and social components. These models form a solid basis for guiding the manual identification of attack scenarios. Their main benefit, however, is in the analytic generation of attacks. In this work we present a systematic approach to transforming graphical system models to graphical attack models in the form of attack trees. Based on an asset in the model, our transformations result in an attack tree that represents attacks by all possible actors in the model, after which the actor in question has obtained the asset.

UR - http://www.scopus.com/inward/record.url?scp=85007591749&partnerID=8YFLogxK

U2 - 10.1007/978-3-319-29968-6_6

DO - 10.1007/978-3-319-29968-6_6

M3 - Article in proceeding

AN - SCOPUS:85007591749

SN - 978-3-319-29967-9

T3 - Lecture Notes in Computer Science

SP - 82

EP - 96

BT - Graphical Models for Security

PB - Springer

T2 - The Second International Workshop on Graphical Models for Security

Y2 - 13 July 2015

ER -

Transforming graphical system models to graphical attack models

Abstract

Konference

Adgang til dokumentet

AUB Link

Andre filer og links

Fingeraftryk

Citationsformater