Title
Integrating attacker behavior in IT security analysis: a discrete-event simulation approach
Abstract
When designing secure information systems, a profound understanding of the threats that they are exposed to is indispensable. Today's most severe risks come from malicious threat agents exploiting a variety of attack vectors to achieve their goals, rather than from random opportunistic threats such as malware. Most security analyses, however, focus on fixing technical weaknesses, but do not account for sophisticated combinations of attack mechanisms and heterogeneity in adversaries' motivations, resources, capabilities, or points of access. In order to address these shortcomings and, thus, to provide security analysts with a tool that makes it possible to also identify emergent weaknesses that may arise from dynamic interactions of attacks, we have combined rich conceptual modeling of security knowledge with attack graph generation and discrete-event simulation techniques. This paper describes the prototypical implementation of the resulting security analysis tool and demonstrates how it can be used for an experimental evaluation of a system's resilience against various adversaries.
Year
2015
DOI
10.1007/s10799-015-0232-6
Venue
Information Technology and Management
Keywords
IT security, Modeling and simulation, Secure systems analysis and design, Attacker behavior
Field
Security through obscurity, Vulnerability (computing), Computer science, Computer security, Asset (computer security), Covert channel, Security analysis, Security policy, Countermeasure (computer), Malware
DocType
Journal
Volume
16
Issue
3
ISSN
1573-7667
Citations
4
PageRank
0.51
References
22
Authors
5
Name                Order  Citations  PageRank
Andreas Ekelhart    1      317        33.03
Elmar Kiesling      2      82         11.47
Bernhard Grill      3      15         2.81
Christine Strauss   4      501        44.68
Christian Stummer   5      567        39.96