摘要: The advent of the information age has notably amplified importance security. Unfortunately security considerations still widely occur as an afterthought. For many companies, is not a requirement to conduct business and therefore readily neglected. However lack may obstruct, impede even ruin otherwise flourishing enterprise. Only when internal computer networks shut down, web portals are inaccessible, mail servers attacked, or similar incidents affect day enterprise, enters into field vision companies. As such, by design only slowly becoming accepted practice. Amongst researchers, there no dispute that reasonable approach to- wards uninterrupted activities includes measures controls from beginning. To support these efforts, models have been developed. Graphical type model help illus- trate guide consideration throughout lifecycle product, system company. Their visual properties especially well-suited elucidate requirements corresponding measures. During last four years, we developed new graphical called attack–defense trees. framework, presented in this thesis, generalizes well-known attack trees model. Attack–defense formally extend enhance them with defenses. To be able deploy tool, equipped three different syntaxes: A visually appealing, graph-based syntax dedicated representing problems, algebraic, term-based simplifies correct, formal quantitative analysis scenarios textual compromise between succinct, representation easy, computerized input. We also equipped variety semantics. This became necessary, since applications require interpretations Besides very specific problem oriented propositional, De Morgan multiset semantics, introduced equational latter semantics is, fact, alternative, unified presentation based on theory. We expressed propositional seman- tics terms facilitates algorithmic treatment two foundation. To perform analysis, notion attribute for guarantee evaluation more semantically equal results same value, compatibility condition attributes. provided usability guidelines These user specify security-relevant questions can unambiguously answered using attributes. We performed several case studies allowed us test improve tree methodology. detailed explanations our choices during well extensive applicability serve prospective methodology manual. We demonstrated usefulness foundations relating other scientific research disciplines. Con- cretely, shown computationally complex Moreover, described how merge Bayesian il- lustrated equivalent class games frequently occurring game theory. Concluding related literature overview over methodologies.
oup.com
core.ac.uk
hw.ac.uk
oxfordjournals.org
sci-hub.se 参考文章(288)
Darrell Martin Kienzle, William A. Wulf, Practical computer security analysis University of Virginia. ,(1998)
Jurg Kohlas, Information Algebras: Generic Structures For Inference ,(2002)
George Avrunin, Lori A. Clarke, Matt Bishop, Leon J. Osterweil, Huong Phan, A systematic process-model-based approach for synthesizing attacks and evaluating them conference on electronic voting technology workshop on trustworthy elections. pp. 10- 10 ,(2012)
Daniele G. Spampinato, Per Håkon Meland, Egil Trygve Baadshaug, Egil Trygve Baadshaug, SeaMonster: Providing tool support for security modeling ,(2008)
Kenneth S. Edge, Richard A. Raines, A framework for analyzing and mitigating the vulnerabilities of complex systems via attack and protection trees A framework for analyzing and mitigating the vulnerabilities of complex systems via attack and protection trees. pp. 219- 219 ,(2007)
Guttorm Sindre, Andreas L. Opdahl, Templates for Misuse Case Description ,(2001)
Bruce Schneier, Secrets and Lies Wiley-VCH. ,(2004)
Vaibhav Mehta, Constantinos Bartzis, Haifeng Zhu, Edmund Clarke, Jeannette Wing, Ranking Attack Graphs Lecture Notes in Computer Science. pp. 127- 144 ,(2006) , 10.1007/11856214_7
Shivani Mishra, Krishna Kant, R. S. Yadav, Multi Tree View of Complex Attack – Stuxnet Advances in Computing and Information Technology. pp. 171- 188 ,(2012) , 10.1007/978-3-642-31513-8_18