Skip to Main content Skip to Navigation
Conference papers

Towards Automatic Risk Analysis and Mitigation of Software Applications

Abstract : This paper proposes a novel semi-automatic risk analysis approach that not only identifies the threats against the assets in a software application, but it is also able to quantify their risks and to suggests the software protections to mitigate them. Built on a formal model of the software, attacks, protections and their relationships, our implementation has shown promising performance on real world applications. This work represents a first step towards a user-friendly expert system for the protection of software applications.
Document type :
Conference papers
Complete list of metadata

Cited literature [19 references]  Display  Hide  Download

https://hal.inria.fr/hal-01639603
Contributor : Hal Ifip <>
Submitted on : Monday, November 20, 2017 - 2:53:36 PM
Last modification on : Monday, November 20, 2017 - 2:56:13 PM
Long-term archiving on: : Wednesday, February 21, 2018 - 2:25:59 PM

File

421627_1_En_8_Chapter.pdf
Files produced by the author(s)

Licence


Distributed under a Creative Commons Attribution 4.0 International License

Identifiers

Citation

Leonardo Regano, Daniele Canavese, Cataldo Basile, Alessio Viticchié, Antonio Lioy. Towards Automatic Risk Analysis and Mitigation of Software Applications. 10th IFIP International Conference on Information Security Theory and Practice (WISTP), Sep 2016, Heraklion, Greece. pp.120-135, ⟨10.1007/978-3-319-45931-8_8⟩. ⟨hal-01639603⟩

Share

Metrics

Record views

282

Files downloads

171