Biblio

Cybersecurity attacks, which have many business impacts, continuously become more intelligent and complex. These attacks take the form of a combination of various attack elements. APT attacks reflect this characteristic well. To defend against APT attacks, organizations should sufficiently understand these attacks based on the attack elements and their relations and actively defend against these attacks in multiple dimensions. Most organizations perform risk management to manage their information security. Generally, they use the information system risk assessment (ISRA). However, the method has difficulties supporting sufficiently analyzing security risks and actively responding to these attacks due to the limitations of asset-driven qualitative evaluation activities. In this paper, we propose a threat-driven risk assessment method. This method can evaluate how dangerous APT attacks are for an organization, analyze security risks from multiple perspectives, and support establishing an adaptive security strategy.

In a socio-technically connected environment, self-adaptive systems need to cooperate with others to collect information to provide context-dependent functionalities to users. A key component of ensuring safe and secure cooperation is finding trustworthy information and its providers. Trust is an emerging quality attribute that represents the level of belief in the cooperative environments and serves as a promising solution in this regard. In this research, we will focus on analyzing trust characteristics and defining trust-aware models through the trust-aware goal model and the provenance model. The trust-aware goal model is designed to represent the trust-related requirements and their relationships. The provenance model is analyzed as trust evidence to be used for the trust evaluation. The proposed approach contributes to build a comprehensive understanding of trust and design a trust-aware self-adaptive system. In order to show the feasibility of the proposed approach, we will conduct a case study with the crowd navigation system for an unmanned vehicle system.

Advanced Persistent Threat (APT) is one of the cyber threats that continuously attack specific targets exfiltrate information or destroy the system [1]. Because the attackers use various tools and methods according to the target, it is difficult to describe APT attack in a single pattern. Therefore, APT attacks are difficult to defend against with general countermeasures. In these days, systems consist of various components and related stakeholders, which makes it difficult to consider all the security concerns. In this paper, we propose an ontology knowledge base and its design process to recommend security requirements based on APT attack cases and system domain knowledge. The proposed knowledge base is divided into three parts; APT ontology, general security knowledge ontology, and domain-specific knowledge ontology. Each ontology can help to understand the security concerns in their knowledge. While integrating three ontologies into the problem domain ontology, the appropriate security requirements can be derived with the security requirements recommendation process. The proposed knowledge base and process can help to derive the security requirements while considering both real attacks and systems.