| HAL-Inria | Publications, software ... of Inria's scientists |
Conference papers
Analyzing Attack Strategies Through Anti-goal Refinement
Abstract : Analyzing security from an attacker’s perspective has been accepted as an effective approach for dealing with security requirements for complex systems. However, there is no systematic approach for constructing attack scenarios. As a result, the completeness of the derived attack scenarios is subject to the expertise of analysts. In this paper, we propose a systematic process for identifying attack scenarios to support security analysis, founded on anti-goal refinement. In particular, we examine three real attack scenarios in order to understand attack strategies that have been applied in reality. Based on our examination, we propose a comprehensive anti-goal refinement framework, which consists of five anti-goal refinement patterns and an analysis process for using the patterns as part of security design. Finally, we evaluate the proposed anti-goal refinement framework by applying it to a credit card theft scenario.
https://hal.inria.fr/hal-01442299
Contributor : Hal Ifip <>
Submitted on : Friday, January 20, 2017 - 3:20:30 PM
Last modification on : Friday, January 20, 2017 - 3:25:47 PM
Long-term archiving on: : Friday, April 21, 2017 - 3:34:10 PM
Contributor : Hal Ifip <>
Submitted on : Friday, January 20, 2017 - 3:20:30 PM
Last modification on : Friday, January 20, 2017 - 3:25:47 PM
Long-term archiving on: : Friday, April 21, 2017 - 3:34:10 PM
File
978-3-319-25897-3_6_Chapter.pd...
Files produced by the author(s)
Licence
Distributed under a Creative Commons Attribution 4.0 International License