Visible to the public Biblio

Filters: Keyword is Security Modeling Techniques  [Clear All Filters]
2020-07-06
Tripathi, Dipty, Maurya, Ashish Kumar, Chaturvedi, Amrita, Tripathi, Anil Kumar.  2019.  A Study of Security Modeling Techniques for Smart Systems. 2019 International Conference on Machine Learning, Big Data, Cloud and Parallel Computing (COMITCon). :87–92.
The term “smart” has been used in many ways for describing systems and infrastructure such as smart city, smart home, smart grid, smart meter, etc. These systems may lie in the domain of critical security systems where security can be estimated in terms of confidentiality, integrity and some cases may involve availability for protection against the theft or damage of system resources as well as disruption of the system services. Although, in spite of, being a hot topic to enhance the quality of life, there is no concrete definition of what smart system is and what should be the characteristics of it. Thus, there is a need to identify what these systems actually are and how they can be designed securely. This work firstly attempts to describe attributes related to the smartness to define smart systems. Furthermore, we propose a secure smart system development life cycle, where the security is weaved at all the development phase of smart systems according to principles, guidelines, attack patterns, risk, vulnerability, exploits, and defined rules. Finally, the comparative study is performed for evaluation of traditional security modeling techniques for early assessment of threats and risks in smart systems.
2015-05-05
Hong, J.B., Dong Seong Kim.  2014.  Scalable Security Models for Assessing Effectiveness of Moving Target Defenses. Dependable Systems and Networks (DSN), 2014 44th Annual IEEE/IFIP International Conference on. :515-526.

Moving Target Defense (MTD) changes the attack surface of a system that confuses intruders to thwart attacks. Various MTD techniques are developed to enhance the security of a networked system, but the effectiveness of these techniques is not well assessed. Security models (e.g., Attack Graphs (AGs)) provide formal methods of assessing security, but modeling the MTD techniques in security models has not been studied. In this paper, we incorporate the MTD techniques in security modeling and analysis using a scalable security model, namely Hierarchical Attack Representation Models (HARMs), to assess the effectiveness of the MTD techniques. In addition, we use importance measures (IMs) for scalable security analysis and deploying the MTD techniques in an effective manner. The performance comparison between the HARM and the AG is given. Also, we compare the performance of using the IMs and the exhaustive search method in simulations.